www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.to/US-probes-new-CCP-virus-origin
Effective URL:
https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591....
Submission: On August 17 via api (August 17th 2021, 11:25:06 am UTC) from US

Summary HTTP 358 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 81 IPs in 10 countries across 57 domains to perform 358 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.ntd.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2021. Valid for: a year.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:2a1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
7	65.9.79.193 65.9.79.193	16509 (AMAZON-02) (AMAZON-02)
2	35.244.243.66 35.244.243.66	15169 (GOOGLE) (GOOGLE)
9	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 3	65.9.73.18 65.9.73.18	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3	13.225.78.34 13.225.78.34	16509 (AMAZON-02) (AMAZON-02)
4	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.97.157 34.120.97.157	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	35.201.68.206 35.201.68.206	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
31	184.24.21.156 184.24.21.156	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	23.62.140.165 23.62.140.165	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
12	136.243.217.162 136.243.217.162	24940 (HETZNER-AS) (HETZNER-AS)
7	3.37.97.189 3.37.97.189	16509 (AMAZON-02) (AMAZON-02)
11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	136.243.42.249 136.243.42.249	24940 (HETZNER-AS) (HETZNER-AS)
5	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
9	54.77.19.59 54.77.19.59	16509 (AMAZON-02) (AMAZON-02)
4	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
4	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
4	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
8	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.68.163 142.250.68.163	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400f:12::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:5d::8	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	211.231.100.211 211.231.100.211	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
1	203.133.167.207 203.133.167.207	9764 (DAUM-NET ...) (DAUM-NET Kakao Corp)
17 25	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	52.78.61.184 52.78.61.184	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 24	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
12	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
8 34	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.57.47.211 52.57.47.211	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	91.228.74.189 91.228.74.189	16509 (AMAZON-02) (AMAZON-02)
8 8	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
4 8	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3039::6815:c03b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	18.233.75.25 18.233.75.25	14618 (AMAZON-AES) (AMAZON-AES)
2 4	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1	34.240.124.39 34.240.124.39	16509 (AMAZON-02) (AMAZON-02)
2 2	52.215.67.233 52.215.67.233	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2606:4700:303... 2606:4700:3038::6815:ea4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.196.31 13.224.196.31	16509 (AMAZON-02) (AMAZON-02)
358	81

1 2606:4700:3037::6815:2a1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.79.193 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com

subs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.139.128.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map3.hwcdn.net

vs.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.73.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-34.fra2.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.68.206 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 206.68.201.35.bc.googleusercontent.com

www.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 184.24.21.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-21-156.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.62.140.165 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-140-165.deploy.static.akamaitechnologies.com

cdneast2-xch.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.217.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi1-1.sfa50.mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
target.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static6.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static3.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static7.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.37.97.189 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.42.249 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sm-server1-1.sfa51.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.161.190 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.68.163 (United States)

ASN15169 (GOOGLE, US)
PTR: dfw25s41-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:12::8 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rr3---sn-5goeen7y.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:5d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr3---sn-4g5ednld.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.231.100.211 (Korea, Republic Of) 1 redirects

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.133.167.207 (Korea, Republic Of)

ASN9764 (DAUM-NET Kakao Corp, KR)

act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.184.226 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.78.61.184 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-61-184.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.29.132.245 (United Kingdom) 10 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2.18.234.21 (Frankfurt am Main, Germany) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.47.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.189 (United Kingdom) 4 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.25 (Denmark) 8 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.54.176.128 (Ashburn, United States) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3039::6815:c03b (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.75.25 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-75-25.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.22.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.124.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-124-39.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.67.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-233.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea4e (United States)

ASN13335 (CLOUDFLARENET, US)

services.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-31.fra2.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	doubleclick.net 17 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	150 KB
39	dable.io static.dable.io api.dable.io adx.dable.io images.dable.io	208 KB
38	ntd.com www.ntd.com img.ntd.com	2 MB
30	casalemedia.com 8 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	32 KB
26	openx.net 6 redirects rtb.openx.net u.openx.net eu-u.openx.net us-u.openx.net	6 KB
25	adnxs.com 3 redirects prebid.adnxs.com ib.adnxs.com acdn.adnxs.com secure.adnxs.com	85 KB
15	youmaker.com subs.youmaker.com vs.youmaker.com sc.youmaker.com www.youmaker.com	451 KB
15	amazon-adsystem.com 4 redirects c.amazon-adsystem.com s.amazon-adsystem.com	43 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	367 KB
12	adsrvr.org match.adsrvr.org	3 KB
12	mixi.media mixi.media static.mixi.media target.mixi.media static6.mixi.media static3.mixi.media static7.mixi.media static2.mixi.media	245 KB
12	googlesyndication.com pagead2.googlesyndication.com 121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com tpc.googlesyndication.com	477 KB
11	media.net hbx.media.net contextual.media.net cdneast2-xch.media.net c21lg-d.media.net	133 KB
10	mathtag.com 10 redirects sync.mathtag.com	5 KB
9	gumgum.com g2.gumgum.com rtb.gumgum.com	7 KB
9	google.com www.google.com adservice.google.com	22 KB
8	adform.net 8 redirects c1.adform.net	4 KB
8	indexww.com js-sec.indexww.com	8 KB
8	districtm.io dmx.districtm.io cdn.districtm.io	388 B
7	pubmatic.com ads.pubmatic.com image6.pubmatic.com	62 KB
7	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	18 KB
4	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	2 KB
4	quantserve.com 4 redirects pixel.quantserve.com	2 KB
4	yahoo.com c2shb.ssp.yahoo.com	2 KB
4	stat.media stat.media	29 KB
4	googletagservices.com www.googletagservices.com	127 KB
4	google.de www.google.de adservice.google.de	516 B
4	googleapis.com imasdk.googleapis.com fonts.googleapis.com ajax.googleapis.com	343 KB
3	bidswitch.net x.bidswitch.net	436 B
3	chargebee.com js.chargebee.com	67 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	simpli.fi 1 redirects um.simpli.fi	841 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	ad4m.at ad4m.at
2	googlevideo.com 1 redirects rr3---sn-5goeen7y.googlevideo.com rr3---sn-4g5ednld.googlevideo.com	1 KB
2	youtube.com www.youtube.com	43 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	pushengage.com clientcdn.pushengage.com	19 KB
1	epoch.cloud services.epoch.cloud	2 KB
1	twitter.com analytics.twitter.com	659 B
1	bttrack.com bttrack.com	380 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	rfihub.com 1 redirects p.rfihub.com	775 B
1	demdex.net dpm.demdex.net
1	adgrx.com cm.adgrx.com	408 B
1	sonobi.com sync.go.sonobi.com	509 B
1	kakao.com act.ds.kakao.com	572 B
1	daum.net 1 redirects analytics.ad.daum.net	718 B
1	dotomi.com prebid-match.dotomi.com	104 B
1	criteo.com gum.criteo.com	366 B
1	t.co t.co	456 B
1	2mdn.net s0.2mdn.net	17 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	tnews.to 1 redirects tnews.to	993 B
0	userreport.com Failed audex.userreport.com Failed
358	57

	Domain	Requested by
26	images.dable.io	api.dable.io static.dable.io
25	cm.g.doubleclick.net	17 redirects www.ntd.com u.openx.net
21	www.ntd.com	www.ntd.com
17	img.ntd.com	www.ntd.com
14	dsum-sec.casalemedia.com	4 redirects ssum-sec.casalemedia.com um2.eqads.com
14	ib.adnxs.com	1 redirects www.ntd.com acdn.adnxs.com
12	ssum-sec.casalemedia.com	4 redirects js-sec.indexww.com ssum-sec.casalemedia.com
12	match.adsrvr.org	www.ntd.com u.openx.net ssum-sec.casalemedia.com
10	sync.mathtag.com	10 redirects
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ntd.com
9	vs.youmaker.com	www.ntd.com vs.youmaker.com
8	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com
8	c1.adform.net	8 redirects
8	us-u.openx.net	u.openx.net
8	eu-u.openx.net	u.openx.net
8	js-sec.indexww.com	www.ntd.com ssum-sec.casalemedia.com
8	u.openx.net	4 redirects www.ntd.com
7	api.dable.io	static.dable.io ajax.googleapis.com
7	cdneast2-xch.media.net	www.ntd.com
7	pagead2.googlesyndication.com	srcdoc www.ntd.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
6	fonts.gstatic.com	www.ntd.com www.google.com fonts.googleapis.com
5	rtb.gumgum.com	www.ntd.com
5	ads.pubmatic.com	www.ntd.com
5	prebid.adnxs.com	www.ntd.com
5	static.dable.io	www.ntd.com api.dable.io
5	www.google.com	www.ntd.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	bcp.crwdcntrl.net	2 redirects ssum-sec.casalemedia.com
4	pixel.quantserve.com	4 redirects
4	acdn.adnxs.com	www.ntd.com
4	cdn.districtm.io	www.ntd.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	dmx.districtm.io	www.ntd.com
4	fastlane.rubiconproject.com	www.ntd.com
4	htlb.casalemedia.com	www.ntd.com
4	c2shb.ssp.yahoo.com	www.ntd.com
4	g2.gumgum.com	www.ntd.com
4	stat.media	mixi.media stat.media
4	www.googletagservices.com	hbx.media.net securepubads.g.doubleclick.net
4	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	x.bidswitch.net	www.ntd.com ssum-sec.casalemedia.com
3	googleads.g.doubleclick.net	www.ntd.com
3	adservice.google.de	securepubads.g.doubleclick.net
3	mixi.media	www.ntd.com static.mixi.media
3	www.youmaker.com	vs.youmaker.com www.ntd.com
3	js.chargebee.com	subs.youmaker.com js.chargebee.com
3	sb.scorecardresearch.com	1 redirects www.ntd.com
2	um.simpli.fi	1 redirects ssum-sec.casalemedia.com
2	match.prod.bidr.io	2 redirects
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	ad4m.at	ssum-sec.casalemedia.com
2	secure.adnxs.com	2 redirects
2	eus.rubiconproject.com	www.ntd.com eus.rubiconproject.com
2	rtb.openx.net	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	static3.mixi.media	www.ntd.com
2	static6.mixi.media	www.ntd.com
2	static.mixi.media	mixi.media www.ntd.com
2	pubads.g.doubleclick.net	imasdk.googleapis.com www.ntd.com
2	www.youtube.com	vs.youmaker.com www.youtube.com
2	hbx.media.net	www.ntd.com hbx.media.net
2	www.google-analytics.com	www.ntd.com www.google-analytics.com
2	imasdk.googleapis.com	vs.youmaker.com imasdk.googleapis.com
2	subs.youmaker.com	www.ntd.com
1	clientcdn.pushengage.com	www.ntd.com
1	services.epoch.cloud	www.ntd.com
1	c21lg-d.media.net	hbx.media.net
1	analytics.twitter.com	static.ads-twitter.com
1	bttrack.com	ssum-sec.casalemedia.com
1	sync.adotmob.com	1 redirects
1	p.rfihub.com	1 redirects
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	ajax.googleapis.com	api.dable.io
1	fonts.googleapis.com	api.dable.io
1	sync.go.sonobi.com	www.ntd.com
1	adx.dable.io	www.ntd.com
1	act.ds.kakao.com	www.ntd.com
1	analytics.ad.daum.net	1 redirects
1	prebid-match.dotomi.com	www.ntd.com
1	rr3---sn-4g5ednld.googlevideo.com	www.ntd.com
1	rr3---sn-5goeen7y.googlevideo.com	1 redirects
1	static2.mixi.media	www.ntd.com
1	static7.mixi.media	www.ntd.com
1	121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	target.mixi.media	www.ntd.com
1	contextual.media.net	hbx.media.net
1	gum.criteo.com	hbx.media.net
1	t.co	www.ntd.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.google.de	www.ntd.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sc.youmaker.com	www.ntd.com
1	static.ads-twitter.com	www.ntd.com
1	www.googletagmanager.com	www.ntd.com
1	tnews.to	1 redirects
0	audex.userreport.com Failed	www.ntd.com
358	100

This site contains links to these domains. Also see Links.

Domain
legendsunfolding.com
newsletter.ntd.com
www.inspiredoriginal.org
www.ntdtv.com
ntdtv.fr
www.ntdtv.kr
www.ntdtv.jp
www.ntdvn.com
ntdtv.ru
www.facebook.com
twitter.com
www.youmaker.com
www.hhs.gov
www.wsj.com
www.theepochtimes.com
www.whitehouse.gov
www.who.int
eeas.europa.eu
www.cnbc.com
www.appropriations.senate.gov
mixi.media

Subject Issuer	Validity	Valid
*.ntd.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-11` - `2022-09-11`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2022-06-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
js.chargebee.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
static.dable.io R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
mixi.media R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh
static.mixi.media R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
stat.media R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
target.mixi.media R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-10` - `2022-02-02`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-03` - `2021-10-12`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2021-01-07` - `2022-02-07`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh

This page contains 50 frames:

Primary Page: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Frame ID: AF206CAAC47BC0E7D3E3E7AFE9D7AE7E
Requests: 180 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Frame ID: 83D6D3D5D35B9D4CE7D6CBBEA60F08E4
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=JF4U2g-hvLrBJ_UxdbKj92gN&size=invisible&cb=7a2qr8fbsdc1
Frame ID: 15FB86AE45BDB0D1CA6AA90C12C96C96
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AB9D1A50EF17C4F8DB1C3CD0780B46D0
Requests: 1 HTTP requests in this frame

Frame: https://121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 966D30DB60906EBE6738A628EE56997A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: BF3D81B8DCBD138EFE3AB550C757CABA
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyKOzrORrMQpDSrmlvDqciJq4aoXbdn-JIYHNy0Fz28qSpyX-elbie7JthteqbYKlGnvrI1T1KucMW4h7XOKjUHWktwPGYlkrTObzoGVn9DIn8xJWZjB-jk2xPniy9nn5y9nA8GSJ9cxRjDAxcMI0STZ0IbSgCxIM7LRUo725PSUiCgVVg3N0lfJ4Y00EDNaBMWqO3iqXucRX99zvQMnGBfokZmXVnzdeZ_RWvIIiIJ8FXwbO6TvWMv8BghskQNqEElWwNIt3TCNcC0DJrIC5Rrv1nTbH1gm7GLJT-cYA9mI6JIpl52JxdlqAhAD0CrV_x_RJBKsiyXfVJF7UyKbfrTQuDnQZ-iNrrrICnN7zbUzRiBsk&sig=Cg0ArKJSzCeIwpukcxICEAE&urlfix=1&adurl=
Frame ID: 15C4AE2F327B7CAADE696D2BE7EEA092
Requests: 6 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Frame ID: 18CB5DFD18C012F4CEE752B058B845BD
Requests: 36 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQBYDn6H66BZs23zAh2WxrV0jJwZODrPW693laFNR699dZAoiNhO1gDe-DEN04nR8ZxpaABAVGCxAyJ8Vq25dhsJpWGabwxGz84xzxprUHHnEc2TLek8TcTi0zB0cJkxsEwLos_PzIxb5ARuXxkyVddmdgRVb22KI3A1n1wDyMoHPxvuIRauqRAYdUrDNdnpGCsnaiKeWCm4hw6wA9Q5UVPs1hA9WoBZJICCIaXCKzRMRNQxahgYj3FxNW6A2ozUnvMG1sjJ4KqBal-zDYdqj_iWmyB99tNllBLHYMcFmJRohVEc4hERrFoozwWRIu2Qr1PAqwSOAsIG-E1l2M&sig=Cg0ArKJSzNjEpFvlMCpWEAE&urlfix=1&adurl=
Frame ID: A1FCE514AC29E5AEFEF42B8656A93E88
Requests: 6 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: A864AF3C33F34FF5FF87A328D36F198E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 81CDA23FAF93E35E575995CF1A354637
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 32BA87ED712DA4B7DB71F56144EB9C5A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B9DF8C4D65CB0375B6D943420EB451C3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 39BF2C99BB7C463D3E9A0E271D9C7F64
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 37D90BB5D40CAB01DCAD4377DCC8C92B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=9d68611b-9c7b-4b00-a0af-cc216c610d4d&gdpr=1&gdpr_consent=
Frame ID: 2C6AE37D6BF5157B9267C53329940C8C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: E596A60CDF487FAF1C35C1DC0BFB6A60
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=8b23611b-9c7c-4d00-8a82-0ba1bad6274d&gdpr=1&gdpr_consent=
Frame ID: 74046B274593C67319CC48F0D4EA812F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=5952611b-9c7c-4e00-9080-52952248f9a9&gdpr=1&gdpr_consent=
Frame ID: FD3407F2514362D0B722DB048D9660CA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 1A55164B44E9C3E52E6948EE4A55B341
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 1C5994B8CA56E99C33CA2D1AB8391B81
Requests: 7 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: 8BB67EF39E980E27C10ED2AE3B1CB621
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
Frame ID: 2BA235E1D5F057924B89F8799565F81C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 2BBC50F3501F90F95D6EABBCB37788F0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: EC93A4F6CC06CDF010112D3195A60670
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 748C90C26ECF934F12695C963E131428
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 27161D90987238A39096A217D0673F40
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7C3600A096ABBC1397D2C4F00BB392D0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 4A9464E51B1EF2306CA65BC6A8C2FE84
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Frame ID: E1A292991F14059CF8D5031C7DB1B94B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B3FD07BD5CEC53962CB6C6791E8C3571
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC43D72C98F02BC034D27DB9B0613734
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: D3524B0E13F3473C016B46DCF079776F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 06ABDB0ED16CCD058C1343B3A03ED5EF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A8E099BB9FB7365F7B0032AAC080B961
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 9FBD6A5F9D42706C21714C1E78867E28
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2BA493AA36EBA27EB015699010D6D1FD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5123AC953145353F9AAC9252930B8043
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B0FFE1F33690D7DA7D4668847D1BC21F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 755359346541D832B52F8559D975BB1C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2186CEA7F4040DE2451807FCD3555711
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 7D0BAF6B0D8D592E0B952276135ACB71
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 37698CE8199666147E3ED2DAFDBA7584
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D4975F856641B3450C86D43A5051EAA5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2E67760D4554C25BC2B051935CB7A915
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 13DAEC41F1A56364AD668E82C4A92209
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 359B450F8E5FF6F8C4D744BF0F980BC4
Requests: 2 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=251%2C159%2C226%2C186%2C188%2C222%2C225%2C203%2C3015%2C3014%2C108%2C273%2C175%2C80%2C193%2C3008%2C3%2C126%2C178%2C214%2C184%2C201%2C246%2C148%2C2033%2C255%2C3018%2C157%2C208%2C97%2C77%2C229%2C109&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 34A4B32F0C8E2027B8319583CD60B508
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 069009A14AE9031F5701FF6FF0D464F8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E3A88B499A87E4F8AB79013BC5B4147D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US Calls for New Probe Into CCP Virus Origins Amid Mounting Attention on ‘Lab Leak’ Theory

Page URL History Show full URLs

https://tnews.to/US-probes-new-CCP-virus-origin HTTP 307
https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

358
Requests

98 %
HTTPS

37 %
IPv6

57
Domains

100
Subdomains

81
IPs

10
Countries

5084 kB
Transfer

9564 kB
Size

11
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://legendsunfolding.com/
Title: Legends Unfolding

Search URL Search Domain Scan URL

URL: https://newsletter.ntd.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: http://newsletter.ntd.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://www.inspiredoriginal.org/piano-talks
Title:

Search URL Search Domain Scan URL

URL: https://www.ntdtv.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://ntdtv.fr/
Title: FRENCH

Search URL Search Domain Scan URL

URL: https://www.ntdtv.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.ntdtv.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.ntdvn.com/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://ntdtv.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%26%238216%3BLab%20Leak%26%238217%3B%20Theory&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&via=news_ntd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youmaker.com/video/48897680-5da1-4bf0-a70c-0fd65fa599a2
Title: Watch on

Search URL Search Domain Scan URL

URL: https://www.hhs.gov/about/news/2021/05/25/secretary-becerra-delivers-remarks-74th-world-health-assembly.html
Title: said

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/intelligence-on-sick-staff-at-wuhan-lab-fuels-debate-on-covid-19-origin-11621796228
Title: Wall Street Journal

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/giving-the-right-name-to-the-virus-causing-a-worldwide-pandemic-2_3277200.html
Title: CCP (Chinese Communist Party) virus

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/briefing-room/press-briefings/2021/05/24/press-briefing-by-press-secretary-jen-psaki-may-24-2021/
Title: said

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/briefing-room/press-briefings/2021/05/25/press-briefing-by-press-secretary-jen-psaki-may-25-2021/
Title: told reporters

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/who-report-blames-animals-instead-of-wuhan-lab-leak-for-ccp-virus-outbreak-questions-unanswered_3755465.html
Title: said in a report

Search URL Search Domain Scan URL

URL: https://www.who.int/publications/i/item/who-convened-global-study-of-origins-of-sars-cov-2-china-part
Title: The report

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/leading-scientists-call-for-proper-investigation-of-ccp-virus-lab-origin-theory_3816440.html
Title: international scientists

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/uk-government-says-who-needs-to-explore-all-possible-theories-on-origins-of-ccp-virus_3828213.html
Title: UK government

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/house-gop-leaders-call-on-house-democrats-to-launch-investigation-into-ccp-virus_3829804.html
Title: U.S. House Republican leaders

Search URL Search Domain Scan URL

URL: https://eeas.europa.eu/delegations/un-geneva/95960/eu-statement-who-led-covid-19-origins-study_en
Title: European Union

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/mkt_app/us-13-nations-question-the-integrity-of-who-china-study-on-ccp-virus-origin_3755652.html
Title: raised concerns

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/fauci-now-not-convinced-covid-19-developed-naturally-backs-origin-probe_3827834.html
Title: said in early May

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/2021/05/24/gottlieb-says-theres-growing-circumstantial-evidence-that-covid-may-have-originated-in-a-lab.html
Title: told CNBC

Search URL Search Domain Scan URL

URL: https://www.appropriations.senate.gov/hearings/review-of-the-fy2022-budget-blueprint-for-the-centers-for-disease_control-and-prevention
Title: said

Search URL Search Domain Scan URL

URL: https://www.who.int/director-general/speeches/detail/who-director-general-s-remarks-at-the-member-state-briefing-on-the-report-of-the-international-team-studying-the-origins-of-sars-cov-2
Title: remarks on March 30

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_3830993.html
Title: The Epoch Times

Search URL Search Domain Scan URL

URL: https://mixi.media/
Title:

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10857301&bl=95162&ct=adpreview&st=46&nvuuid=9cab734d-7a55-ba01-6100-007e1ba50129&bvuuid=9aa2ff96-9607-4a59-9f2f-26cff13ccb3b&rnd=2116635905&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChjV1pYFlfSTBeKllQWWt4UFyqX7BInZkgWH2TMoGgAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10811925&bl=95162&ct=adpreview&st=46&nvuuid=9cfa7372-7a15-ba76-6100-002c1ba401de&bvuuid=9aa2ff96-9607-4a59-9f2f-26cff13ccb3b&rnd=752775798&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChjV1pYFlfSTBeKllQWWt4UFyqX7BInZkgWH2TMoGgAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10834658&bl=95162&ct=adpreview&st=46&nvuuid=9c5273e7-7ae2-ba5a-6100-00211ba5011d&bvuuid=9aa2ff96-9607-4a59-9f2f-26cff13ccb3b&rnd=555607898&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChjV1pYFlfSTBeKllQWWt4UFyqX7BInZkgWH2TMoGgAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10574742&bl=95162&ct=adpreview&st=46&nvuuid=9c5b7378-7a96-ba32-6100-00371ba101f2&bvuuid=9aa2ff96-9607-4a59-9f2f-26cff13ccb3b&rnd=938637362&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChjV1pYFlfSTBeKllQWWt4UFyqX7BInZkgWH2TMoGgAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10408650&bl=95162&ct=adpreview&st=46&nvuuid=9cd273c9-7aca-bacc-6100-00451b9e015d&bvuuid=9aa2ff96-9607-4a59-9f2f-26cff13ccb3b&rnd=1163774412&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChjV1pYFlfSTBeKllQWWt4UFyqX7BInZkgWH2TMoGgAAAA&ab=jsapi

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=10792073&bl=95162&ct=adpreview&st=46&nvuuid=9cac7368-7a89-babb-6100-003b1ba401b4&bvuuid=9aa2ff96-9607-4a59-9f2f-26cff13ccb3b&rnd=1001679035&ag=25&ev=H4sIAAAAAAAAAAEaAOX_ChjV1pYFlfSTBeKllQWWt4UFyqX7BInZkgWH2TMoGgAAAA&ab=jsapi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.to/US-probes-new-CCP-virus-origin HTTP 307
https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1629199480367&ns_c=UTF-8&cv=3.5&c8=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%80%98Lab%20Leak%E2%80%99%20Theory&c7=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1629199480367&ns_c=UTF-8&cv=3.5&c8=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%80%98Lab%20Leak%E2%80%99%20Theory&c7=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&c9=

Request Chain 158

https://rr3---sn-5goeen7y.googlevideo.com/videoplayback?expire=1629228281&ei=eZwbYZ26OpqF1wKkm4DACQ&ip=31.13.191.142&id=81799d3b4ef12a78&itag=22&source=youtube&requiressl=yes&mh=EO&mm=31&mn=sn-5goeen7y&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1628288788080861&mt=1629199016&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGH1cBjjIGVOuXVu-Mfo6pdOynT8CaXEFcwshPv3xk3gCIGp1zzvTK5HwDsX_5R1K3MaEDNhtP4ay6F4rw0TdhoUo&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgX8UBGpG2RbWWioLQcLpVD_mFdza2ZzsdRgYQbnutqpgCIQDbKfCsD415E64db-nnp33YtJadxtoevM924Ecd4L5z4g==&cpn=7_9J8jNgeQbp7ReB HTTP 302
https://rr3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1629228281&ei=eZwbYZ26OpqF1wKkm4DACQ&ip=31.13.191.142&id=81799d3b4ef12a78&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1628288788080861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGH1cBjjIGVOuXVu-Mfo6pdOynT8CaXEFcwshPv3xk3gCIGp1zzvTK5HwDsX_5R1K3MaEDNhtP4ay6F4rw0TdhoUo&cpn=7_9J8jNgeQbp7ReB&redirect_counter=1&rm=sn-5gole7s&req_id=405fcfdea1af36e2&cms_redirect=yes&ipbypass=yes&mh=EO&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1629199239&mv=m&mvi=3&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANcQtgY7SNkYSALYmsfbHbyCJl0r07j5a-PNhnor9lIhAiA8LzEI6X2-J1B77HRx5vuwLUCVrfTMX-EtB6ZZ23nljw%3D%3D

Request Chain 184

https://analytics.ad.daum.net/match?d=111&uid=83064965.1629199482533 HTTP 302
https://act.ds.kakao.com/match2?d=111&uid=83064965.1629199482533&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2283064965.1629199482533%22%2C%22t%22%3A%2220210817%22%7D%7D

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEOu_dFmUxoCPa9h9fCUChX8&google_cver=1

Request Chain 190

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=8d84633c-cd19-4dfe-8706-e5ebe9281b42

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 236

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=9d68611b-9c7b-4b00-a0af-cc216c610d4d&gdpr=1&gdpr_consent=

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 238

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=8b23611b-9c7c-4d00-8a82-0ba1bad6274d&gdpr=1&gdpr_consent=

Request Chain 239

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=5952611b-9c7c-4e00-9080-52952248f9a9&gdpr=1&gdpr_consent=

Request Chain 240

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 241

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Request Chain 249

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 250

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=

Request Chain 253

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 263

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=2573713551719923911

Request Chain 264

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F487%2F8%2F2.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1 HTTP 302
https://id5-sync.com/c/441/487/8/2.gif?puid=bb863a41-71b6-42ba-9315-6d2d0a62ec58&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=03950ca4-1c33-4e27-9466-f67cb85804a3&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=4a2e79d7-6970-4817-8d8c-f9c01e4c7483&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEOlZCaiN_o2AJM0kHm48WLw&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOlZCaiN_o2AJM0kHm48WLw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2573713551719923911&opid=apx&ops=&utidl=tech:goo:CAESEOlZCaiN_o2AJM0kHm48WLw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19936197936&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/4/6.gif?puid=2d7a016c3799a6897ec93f85b955fb53&gdpr=1&gdpr_consent= HTTP 302
https://audex.userreport.com/sync/put/id5?idfiveid=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F477%2F3%2F7.gif%3Fpuid%3D%25s%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 268

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 273

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

Request Chain 274

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=DwWP_gBXif8UUdz6X1GTrw1V3PkUVt-pWlIop8aH

Request Chain 275

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2841531562354892226

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMEoitUjAZNAu0JrCJ3CWE&google_cver=1

Request Chain 279

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

Request Chain 280

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0uvgBt255gfJv7JU1u38UNXq5VfJ7uhT3OlboTUC

Request Chain 281

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8652100472720559518

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtz5XygAevVibhgnxCUH10&google_cver=1

Request Chain 285

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

Request Chain 286

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zHgyKsMqNCvXLGB4wy8ufs4sOivXLDQtz3-3A1v3

Request Chain 287

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=690381805057342619

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVkeWX0TgYIfaUD7kG3K0k&google_cver=1

Request Chain 291

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

Request Chain 292

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rNn8mqOL-pu3ja7LqongwfjcrMq32v7OqY7wQwYG

Request Chain 293

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7898167966703348299

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpfuiZAI0tzB-Znqw4g7H8&google_cver=1

Request Chain 301

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 302

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 304

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 305

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

Request Chain 309

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB&dcc=t

Request Chain 310

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfX-DxPbtBk9gYVqWKgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1

Request Chain 315

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 316

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfToH03biAboZXQ.vnQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2

Request Chain 317

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB&dcc=t

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

Request Chain 320

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 322

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=

Request Chain 323

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAoSE7CNzkAAB5EgjEZzA&expiration=1630409089&gdpr=1

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfToH03biAboZXQ-vnQAAANYAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

Request Chain 327

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfToH03biAboZXQ-vnQAAANYAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfToH03biAboZXQ-vnQAAANYAAAIB&dcc=t

Request Chain 328

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfToH03biAboZXQ.vnQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2

Request Chain 329

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972425837036

Request Chain 332

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

Request Chain 336

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB&dcc=t

Request Chain 337

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfTfkhDO8ir8fzggS.gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2

Request Chain 338

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=

Request Chain 339

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=069922040047f8465263e5b2&expiration=[EXPIRATION]&gdpr=1

Request Chain 340

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS.gAA%26309?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS.gAA%26309?gdpr_consent=&us_privacy=&gdpr=1

358 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html Show response
www.ntd.com/
Redirect Chain

https://tnews.to/US-probes-new-CCP-virus-origin
https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

47 KB
14 KB

819ms
719ms

Document
text/html

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

27eddf4da9282a7ceedf21259ebf4012a7a13174cf5738e97fe2b01d2d506b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ntd.com
:scheme: https
:path: /us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:39 GMT
accept-ranges: bytes
cache-control: max-age=480
content-encoding: gzip
content-length: 13634
content-type: text/html; charset=UTF-8
x-hw: 1629199479.cds132.fr8.hn,1629199479.cds276.fr8.sc,1629199479.dop122.sj3.r,1629199479.cds105.sj3.c,1629199479.cds276.fr8.p
server: nginx/1.12.2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-device: desktop
x-cache-status: MISS

Redirect headers

date: Tue, 17 Aug 2021 11:24:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: prli_click_3155=US-probes-new-CCP-virus-origin; expires=Thu, 16-Sep-2021 11:24:37 GMT; Max-Age=2592000; path=/ prli_visitor=611b9c7512d12; expires=Wed, 17-Aug-2022 11:24:37 GMT; Max-Age=31536000; path=/
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.3 http://prettylink.com
x-redirect-by: WordPress
location: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4G1rcgkuTQna%2B0jVXlmYAWU0druQUkRRty7g%2BwnAMGNwwllXWcI%2FsNKLnfDVcOZDeaEYNzovON42NDxJx%2B6hv5FVlgSIv5Ee6ld454%2FnyOSfSe%2F3OXYsOOWM%2Fe894%2FDxK0D1gdBIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68028976dcf7dfe3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 166ms
60ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding: gzip
server: Server
age: 847
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Tue, 17 Aug 2021 11:10:32 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: O0AGn3Z1Te19rlltjs8uCxiihEoI6I4EDbhy_CDgWwK9P_vVaVp9Aw==

GET
H2 200 prebid.js Show response
www.ntd.com/assets/themes/m-ntd/js/ads/ 285 KB
106 KB 54ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/m-ntd/js/ads/prebid.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 18:58:27 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5fac3453-47523"
x-hw: 1629199479.cds132.fr8.hn,1629199479.cds211.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 108407
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 template.css
subs.youmaker.com/lib/ 8 KB
9 KB 211ms
143ms Stylesheet
text/css 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/template.css?ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
via: 1.1 google
last-modified: Thu, Aug 12 2021 19:16:42 GMT
server: nginx/1.20.1
content-type: text/css; charset=utf-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 8659

GET
H2 200 style.css
www.ntd.com/assets/themes/ntd/ 2 KB
979 B 109ms
108ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/style.css?ver=20180618
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6f13-6aa"
x-hw: 1629199479.cds132.fr8.hn,1629199479.cds145.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 859
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 global.css
www.ntd.com/assets/themes/ntd/css/ 19 KB
5 KB 109ms
109ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

cee8fc2e94b1a0c62c7a9302b0c64a7ff6f372faaca513c264807db0f07ee445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/css/global.css?ver=20210604
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 19:33:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"60ba7ffb-4cc0"
x-hw: 1629199479.cds132.fr8.hn,1629199479.cds232.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 5263
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/ 41 KB
26 KB 111ms
111ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/css/genericons/genericons.css?ver=20171027
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 22 May 2021 15:30:29 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"60a92395-a2da"
x-hw: 1629199479.cds132.fr8.hn,1629199479.cds144.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 26471
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 single.css
www.ntd.com/assets/themes/ntd/css/ 15 KB
4 KB 119ms
118ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210604

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

f7e5f38b6f6721bd446e7e8fb44137c74f5e7f79c842a8510fed01c56717c3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/css/single.css?ver=20210604
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 19:33:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"60ba7ffb-3a0f"
x-hw: 1629199479.cds132.fr8.hn,1629199479.cds054.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 4102
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 live_button.png
www.ntd.com/assets/themes/ntd/images/ 3 KB
3 KB 59ms
56ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/live_button.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

bc9638f5f76b0faf177bdf6f5f14d787f3a41b47fff1f2a8d7d20fa0af57ce18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/live_button.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5f036208-cb2"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds125.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 3250
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_ntd_evening_news.jpg
img.ntd.com/assets/uploads/2021/02/ 64 KB
64 KB 107ms
95ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_evening_news.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Tue, 02 Feb 2021 20:05:39 GMT
server: nginx/1.12.2
etag: "6019b093-ffc1"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds238.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 65473

GET
H2 200 ntd_show_menu_china_in_focus.jpg
img.ntd.com/assets/uploads/2021/02/ 79 KB
79 KB 103ms
91ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_china_in_focus.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Tue, 02 Feb 2021 20:05:37 GMT
server: nginx/1.12.2
etag: "6019b091-13ba2"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds289.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 80802

GET
H2 200 NTD-Business-412x222.jpg
img.ntd.com/assets/uploads/2021/02/ 66 KB
66 KB 92ms
81ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/NTD-Business-412x222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Tue, 02 Feb 2021 21:10:04 GMT
server: nginx/1.12.2
etag: "6019bfac-1069e"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds149.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 67230

GET
H2 200 ntd_show_menu_ntd_news_today.jpg
img.ntd.com/assets/uploads/2021/02/ 66 KB
66 KB 99ms
88ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_news_today.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Tue, 02 Feb 2021 20:05:40 GMT
server: nginx/1.12.2
etag: "6019b094-10886"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds248.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 67718

GET
H2 200 dropdown-412x222.jpg
img.ntd.com/assets/uploads/2021/02/ 96 KB
96 KB 110ms
99ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/dropdown-412x222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 608201919dc10acf4972a81fd619c662c2c57f0fd89361d3d30639692da2d356

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Thu, 25 Feb 2021 07:02:21 GMT
server: nginx/1.12.2
etag: "60374b7d-1805d"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds012.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98397

GET
H2 200 ntd_show_menu_ntd_talkingPoints_news.jpg
img.ntd.com/assets/uploads/2021/07/ 82 KB
83 KB 115ms
103ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/07/ntd_show_menu_ntd_talkingPoints_news.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 20d93c83f7d23115aa9ce958bfc86025f77db34f039acb8aef487b2c7a057ef0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Sat, 17 Jul 2021 22:07:38 GMT
server: nginx/1.12.2
etag: "60f354aa-14998"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds124.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 84376

GET
H2 200 Life-and-Times-new-412x222.jpg
img.ntd.com/assets/uploads/2021/04/ 80 KB
80 KB 51ms
50ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/Life-and-Times-new-412x222.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 251f69d0af06e3e8716a14a8d162cb01181b1b393e91df96cee0cc1c96ef0001

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Mon, 26 Apr 2021 14:46:09 GMT
server: nginx/1.12.2
etag: "6086d231-14008"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds122.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 81928

GET
H2 200 The-Beau-Show-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 146 KB
146 KB 52ms
52ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/04/The-Beau-Show-NTD-412x222.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Mon, 05 Apr 2021 04:06:27 GMT
server: nginx/1.12.2
etag: "606a8cc3-248d6"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds138.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 149718

GET
H2 200 print.css
www.ntd.com/assets/themes/ntd/css/ 532 B
432 B 60ms
59ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/css/print.css?ver=20200706

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/css/print.css?ver=20200706
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 18:35:54 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5f036f0a-214"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds268.fr8.c
content-type: text/css
cache-control: max-age=1800
content-length: 320
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 ntd_show_menu_piano_talks.jpg
img.ntd.com/assets/uploads/2021/02/ 72 KB
72 KB 52ms
52ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_piano_talks.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 72cf754c363154ded4f90992002ffcfdaff286c0099cc2949d6d375fdc268d14

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Tue, 02 Feb 2021 20:05:40 GMT
server: nginx/1.12.2
etag: "6019b094-11e7d"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds213.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 73341

GET
H2 200 48897680-5da1-4bf0-a70c-0fd65fa599a2 Show response
vs.youmaker.com/assets/player/ 22 KB
7 KB 639ms
536ms Script
application/json 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: 86dbdc3925cfb84b9f037f125df9066a384724985dfac4365d5afe0962253681

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
server: nginx/1.20.1
x-hw: 1629199480.cds155.fr8.hn,1629199480.cds007.fr8.sc,1629199480.dop006.ch4.r,1629199480.cds192.ch4.c,1629199480.cds007.fr8.p
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3594
accept-ranges: bytes
alt-svc: clear
content-length: 6448
via: 1.1 google

GET
H2 200 white.png
www.ntd.com/assets/themes/ntd/images/ 95 B
204 B 61ms
59ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/white.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/white.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:15 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: "5c8a6f13-5f"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds127.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 95
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 afghans-flee-270x152.jpg
img.ntd.com/assets/uploads/2021/08/ 10 KB
10 KB 51ms
51ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/08/afghans-flee-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 30b0cd2ef91adb0652343b24347224da8648b6fc0583193768f1fdfed7785056

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Mon, 16 Aug 2021 13:06:54 GMT
server: nginx/1.12.2
etag: "611a62ee-286a"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds168.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10346

GET
H2 200 Taliban-in-presidential-palace--270x152.jpg
img.ntd.com/assets/uploads/2021/08/ 20 KB
20 KB 50ms
49ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/08/Taliban-in-presidential-palace--270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 40e7e7284b1076fee1fc35c1f2930fbf3131061fc7795e0a639db1ccd462a25a

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Sun, 15 Aug 2021 22:27:45 GMT
server: nginx/1.12.2
etag: "611994e1-4eb4"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds218.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20148

GET
H2 200 Fake-COVID-vaccine-card-Memphis-270x152.jpg
img.ntd.com/assets/uploads/external/2021/08/ 13 KB
14 KB 50ms
50ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/external/2021/08/Fake-COVID-vaccine-card-Memphis-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8c2e6d4ea2eeddb8c09cc67a1a324b3dbd296550ca30a0c50f117b0c21f280e1

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Sun, 15 Aug 2021 17:53:24 GMT
server: nginx/1.12.2
etag: "61195494-3590"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds206.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13712

GET
H2 200 police-tape-270x152.jpg
img.ntd.com/assets/uploads/2019/04/ 7 KB
7 KB 51ms
50ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2019/04/police-tape-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 976648dd57b029db574a8bcb1efb29f876b72bf97ae4b2adea0b461e59d994f1

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Thu, 25 Apr 2019 14:54:02 GMT
server: nginx/1.12.2
etag: "5cc1ca0a-1a1a"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds016.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6682

GET
H2 200 San-Antonio-Police-Chief-William-McManus-270x152.jpg
img.ntd.com/assets/uploads/2021/08/ 9 KB
9 KB 55ms
54ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/08/San-Antonio-Police-Chief-William-McManus-270x152.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 91e3003b100490443b393ae298ca1efcfd0e108c394ec6288150ae0f947d2bfd

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Sun, 15 Aug 2021 21:28:53 GMT
server: nginx/1.12.2
etag: "61198715-2354"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds010.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9044

GET
H2 200 Map-of-storms-270x152.png
img.ntd.com/assets/uploads/2021/08/ 27 KB
27 KB 52ms
51ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/08/Map-of-storms-270x152.png
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8f6240cf0838c18b8de1b379040b9b8079c59024f591e3266d63dbace7d33643

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Mon, 16 Aug 2021 15:14:07 GMT
server: nginx/1.12.2
etag: "611a80bf-6aad"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds274.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27309

GET
H2 200 footer-2_949x356.jpg
img.ntd.com/assets/uploads/2021/02/ 349 KB
349 KB 52ms
51ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/2021/02/footer-2_949x356.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
last-modified: Wed, 03 Feb 2021 22:50:49 GMT
server: nginx/1.12.2
etag: "601b28c9-573d6"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds007.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 357334

GET
H2 200 jquery-all.min.js Show response
www.ntd.com/assets/themes/ntd/js/ 98 KB
40 KB 51ms
51ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/js/jquery-all.min.js?ver=20170224
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 15:11:14 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"5c8a6f12-188ff"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds054.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 40721
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 bottom.js Show response
www.ntd.com/assets/themes/ntd/js/ 31 KB
10 KB 57ms
54ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20210813

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

96abe1a16e2a6fff4584ef131d95de19eabb899d860e74aeff1dc5c33237f022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/js/bottom.js?ver=20210813
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 19:02:08 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"6116c1b0-7a7e"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds207.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 10475
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.bundle.js Show response
subs.youmaker.com/lib/ 237 KB
237 KB 146ms
143ms Script
application/javascript 35.244.243.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.243.244.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 9699e34eb2df4a3e740a199dbf70e95692020fced127e958ed0c941d757e497b

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
via: 1.1 google
last-modified: Thu, Aug 12 2021 19:16:42 GMT
server: nginx/1.20.1
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-robots-tag: noindex
alt-svc: clear
content-length: 242287

GET
H2 200 article_ads.js Show response
www.ntd.com/assets/themes/ntd/js/ 31 KB
9 KB 57ms
54ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/js/article_ads.js?ver=20210318
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 15:47:51 GMT
server: nginx/1.12.2
x-microcachable: 0
etag: W/"60537627-7c65"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds292.fr8.c
content-type: application/javascript; charset=utf-8
cache-control: max-age=1800
content-length: 8981
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 161ms
60ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:41:19 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 63802
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
content-type: application/javascript
x-amz-cf-id: FXGGgooS_wEh2JP6ZSwvxi-8pSusLSaul0-_BIRZr-nzsTG5YYU-fQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
35 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e302ccdf5f622b81177256567d02cd8edb014b412d0e43141efa43cfecd9f180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35578
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 Aug 2021 11:24:40 GMT

GET
H2 200 NTD_logo.png
www.ntd.com/assets/themes/ntd/images/ 4 KB
4 KB 59ms
59ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/NTD_logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 19:44:39 GMT
server: nginx/1.12.2
etag: "5ed94f27-f46"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds214.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 3910
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 header-handshake.png
www.ntd.com/assets/themes/ntd/images/ 2 KB
2 KB 61ms
61ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/header-handshake.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/header-handshake.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:31 GMT
server: nginx/1.12.2
etag: "606f685f-61d"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds250.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 1565
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Medium.otf
www.ntd.com/assets/themes/ntd/fonts/ 118 KB
119 KB 62ms
60ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Medium.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/fonts/RingsideCondensed-Medium.otf
pragma: no-cache
origin: https://www.ntd.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ntd.com
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1d9d8"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds012.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 121304
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Bold.otf
www.ntd.com/assets/themes/ntd/fonts/ 122 KB
122 KB 73ms
73ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Bold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/fonts/RingsideCondensed-Bold.otf
pragma: no-cache
origin: https://www.ntd.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ntd.com
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1e6ec"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds211.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 124652
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Origin: https://www.ntd.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 162ms
55ms Script
application/javascript 65.9.73.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:01:47 GMT
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1374
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: AlgqHtYuS2l6gXqj0zDAvzSpGqE2lelMoMyFFvzMcQI6Fn-w9p-x2g==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1629199480367&ns_c=UTF-8&cv=3.5&c8=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%8...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1629199480367&ns_c=UTF-8&cv=3.5&c8=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%...

64 B
330 B

69ms
69ms

Image
image/gif

65.9.73.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1629199480367&ns_c=UTF-8&cv=3.5&c8=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%80%98Lab%20Leak%E2%80%99%20Theory&c7=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&c9=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: RWw6hxSFugEHrVNKlyMBQgeLn2dODVzlrY0eKHJHHK6V5pQdeR1Fqw==

Redirect headers

date: Tue, 17 Aug 2021 11:24:40 GMT
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1629199480367&ns_c=UTF-8&cv=3.5&c8=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%80%98Lab%20Leak%E2%80%99%20Theory&c7=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&c9=
content-length: 388
x-amz-cf-id: l-4PCkjjCaxA9c-YFqiNYbC2Uy4cNYeDh4TFXeLCB8UVbhrjamZOoA==

GET
H2 200 ymkplayer7.min.css
vs.youmaker.com/assets/css/ 35 KB
9 KB 65ms
63ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/css/ymkplayer7.min.css?ver=3
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: 546fbdf5c7ebe0763dcb50d0266d8db877526bac0d96b7f23062c2e9e120d2fc

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
server: nginx/1.20.1
x-hw: 1629199480.cds155.fr8.hn,1629199480.cds277.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 9332
via: 1.1 google

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 341 KB
118 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120564
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:40 GMT

GET
H2 200 epochplayer7.min.js Show response
vs.youmaker.com/assets/js/ 489 KB
137 KB 70ms
69ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: d158808063fa7bb1ceeff3620bdc8d87ba19c4784032554f915d274cc8769c94

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
server: nginx/1.20.1
x-hw: 1629199480.cds155.fr8.hn,1629199480.cds122.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 139915
via: 1.1 google

GET
H2 200 videojs-ymk.min.js Show response
vs.youmaker.com/assets/js/ 26 KB
8 KB 134ms
133ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/js/videojs-ymk.min.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: e9305146452bd809a27fccd42eeb6800af439935af1a851a3200ec129e09fc35

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
server: nginx/1.20.1
x-hw: 1629199480.cds155.fr8.hn,1629199480.cds135.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 8263
via: 1.1 google

GET
H2 200 epochplayer7.ads.min.js Show response
vs.youmaker.com/assets/js/ 61 KB
13 KB 134ms
133ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/js/epochplayer7.ads.min.js
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: b25ad312b1dfbfa0c2fe26c788828fb10a5abb0c3abfaa240804d1bb36358591

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
server: nginx/1.20.1
x-hw: 1629199480.cds155.fr8.hn,1629199480.cds236.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 13661
via: 1.1 google

GET
H2 200 ENTD_Play.svg
www.ntd.com/assets/themes/ntd/images/ 2 KB
1 KB 51ms
50ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/ENTD_Play.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/ENTD_Play.svg
pragma: no-cache
cookie: ntdViewCount=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-7e6"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds016.fr8.c
content-type: image/svg+xml
cache-control: max-age=315360000
content-length: 938
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 footer-app-logo.png
www.ntd.com/assets/themes/ntd/images/ 73 KB
73 KB 50ms
50ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/footer-app-logo.png
pragma: no-cache
cookie: ntdViewCount=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:32:35 GMT
server: nginx/1.12.2
etag: "606f6863-122fe"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds219.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 74494
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 RingsideCondensed-Semibold.otf
www.ntd.com/assets/themes/ntd/fonts/ 123 KB
123 KB 50ms
50ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.ntd.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ntdViewCount=1
:path: /assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ntd.com
Referer: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 17:40:24 GMT
server: nginx/1.12.2
etag: "5f036208-1eb2c"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds232.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 125740
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntd.com
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 23:20:37 GMT
x-content-type-options: nosniff
age: 43443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 23:20:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 659
date: Tue, 17 Aug 2021 11:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 17 Aug 2021 13:13:41 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 154ms
50ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 40643
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1629199481.020933,VS0,VE0
x-served-by: cache-fra19166-FRA

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 147 KB
45 KB 186ms
61ms Script
application/x-javascript 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-34.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bf173830985a139beb4f23f7d5b110694f2248923a735ac65df8444ed3bc30cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: se2YRSy.rZlL7Jg0VkrHKe0.p1yj3lD_
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 11 Aug 2021 09:48:25 GMT
server: AmazonS3
age: 243
etag: W/"b4c2e8589abb50c972c0d1b27fc1f6c8"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Tue, 17 Aug 2021 11:20:39 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8xQZ9EiH7H9fR4y_Zo4-kIMRG-9sqIZ3QvfSfvQAlkQKSWiJTf1MZw==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 455 KB
101 KB 255ms
139ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

545b21fa0a4328913ddd72edc300dd172dae6ceaca8801583a9a00c23a7143cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 17 Aug 2021 11:24:41 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Tue, 17 Aug 2021 11:54:41 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
299 B 155ms
155ms XHR
text/plain 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: mZast-uNxLUnlFWvCPbuG6Mq8azluvz5Ux7jhUQb07nsRrDcqthf3A==

GET
H2 200 count Show response
sc.youmaker.com/site/article/ 140 B
259 B 218ms
146ms XHR
application/json 34.120.97.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/site/article/count?site=www.ntd.com&user=297af1be-f803-94e8-377a-5f9c07ad1758&postid=618591
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 1ed5927ba3272fa063ec98adc57ba021241b4f81e40da3a1cb3b0e0a3fa23b59

Request headers

Accept: */*
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 google
server: nginx/1.20.1
alt-svc: clear
content-length: 140
content-type: application/json;charset=UTF-8

GET
H2 200 RobotoCondensed-Regular.ttf
www.ntd.com/assets/themes/ntd/fonts/ 122 KB
123 KB 50ms
50ms Font
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/assets/themes/ntd/fonts/RobotoCondensed-Regular.ttf

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6dc7ba162db365941a23c68f8417eca8884c821ff6104a5a7f825ce090407b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.ntd.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ntdViewCount=1; epoch_gdpr_userid=297af1be-f803-94e8-377a-5f9c07ad1758
:path: /assets/themes/ntd/fonts/RobotoCondensed-Regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ntd.com
referer: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210604
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.ntd.com
Referer: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210604
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 19:12:55 GMT
server: nginx/1.12.2
etag: "60831c37-1e994"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds229.fr8.c
content-type: application/octet-stream
cache-control: max-age=315360000
content-length: 125332
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
741 B 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20210813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d7ad9df853e3d14c5b35a98e2ff54558fa21493565a21a8128cc11d4aa4f226

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Tue, 17 Aug 2021 11:24:40 GMT

GET
H2 200 ntd-logo-comment.png
www.ntd.com/assets/themes/ntd/images/ 35 KB
35 KB 50ms
49ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/themes/ntd/images/ntd-logo-comment.png
pragma: no-cache
cookie: ntdViewCount=1; epoch_gdpr_userid=297af1be-f803-94e8-377a-5f9c07ad1758
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.ntd.com
referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 19:34:41 GMT
server: nginx/1.12.2
etag: "60ba8051-8b5f"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds010.fr8.c
content-type: image/png
cache-control: max-age=315360000
content-length: 35679
accept-ranges: bytes
x-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 Xavier-Becerra-615x410.jpg
img.ntd.com/assets/uploads/external/2021/05/ 38 KB
39 KB 634ms
634ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ntd.com/assets/uploads/external/2021/05/Xavier-Becerra-615x410.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 6be485e154f3050c9783321464779ebe8f3671d5153b8df8e958e69e743f9981

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
last-modified: Tue, 18 May 2021 16:46:12 GMT
server: nginx/1.12.2
etag: "60a3ef54-995e"
x-hw: 1629199480.cds132.fr8.hn,1629199480.cds003.fr8.sc,1629199481.cds003.fr8.pr
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39262

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=238874735&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&dp=%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ul=en-us&de=UTF-8&dt=US%20Calls%20for%20New%20Probe%20Into%20CCP%20Virus%20Origins%20Amid%20Mounting%20Attention%20on%20%E2%80%98Lab%20Leak%E2%80%99%20Theory&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1125997635&gjid=1740555348&cid=1464338981.1629199481&tid=UA-128455718-1&_gid=1860143611.1629199481&_r=1&_slc=1&cd1=28902&cd2=112&cd3=%3Bcoronavirus-outbreak-28902%3Bchina-10%3Bnews-8%3Bus-9%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_news_exclusive-6030%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd5=%3Bcoronavirus-outbreak-28902%3Bchina-10%3Bnews-8%3Bus-9%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_news_exclusive-6030%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd21=618591&cd22=mimi-nguyen-ly&cd23=Mimi%20Nguyen%20Ly&cd26=CCP%20Virus&cd28=%3BCCP%20Virus%3BChina%3BNews%3BUS%3B&cd29=%3BWuhan%20lab%3BCCP%20virus%3BCOVID-19%3B&cd30=20210525&cd31=20210526&cd33=878&cd38=112&cd42=%3Bwuhan-lab%3Bccp-virus%3Bcovid-19%3B&cd43=post&z=134329170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/ 341 KB
133 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ntd.com
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 09:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136003
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:02:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 09:19:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-128455718-1&cid=1464338981.1629199481&jid=1125997635&gjid=1740555348&_gid=1860143611.1629199481&_u=YEBAAEAAAAAAAC~&z=1920887469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 17 Aug 2021 11:24:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/videojs-ymk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-128455718-1&cid=1464338981.1629199481&jid=1125997635&_u=YEBAAEAAAAAAAC~&z=826615369

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-128455718-1&cid=1464338981.1629199481&jid=1125997635&_u=YEBAAEAAAAAAAC~&z=826615369

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 253fd33f-6805-44f6-ab01-46d7c6a7575d
https://www.ntd.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/253fd33f-6805-44f6-ab01-46d7c6a7575d
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 thumbnail_d.jpg
vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/ 24 KB
24 KB 507ms
507ms Image
image/jpeg 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/thumbnail_d.jpg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: f3b4728ae5f0c11342f607f501ae9517dc9397f336bb63905bcc38aacd0bbb50

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 google
server: nginx/1.20.1
x-hw: 1629199481.cds155.fr8.hn,1629199481.cds240.fr8.sc,1629199481.dop056.ch4.r,1629199481.cds128.ch4.c,1629199481.cds240.fr8.p
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 24229

GET
H2 200 Youmaker_play_button.svg
vs.youmaker.com/images/ 1 KB
763 B 51ms
51ms Image
image/svg+xml 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vs.youmaker.com/images/Youmaker_play_button.svg
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/css/ymkplayer7.min.css?ver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: 28ea2a3caf53f854970592d0f3bbd04f778a31748ca8cf32dc20aeb9c05ca33f

Request headers

Referer: https://vs.youmaker.com/assets/css/ymkplayer7.min.css?ver=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 02:12:14 GMT
server: nginx/1.20.1
etag: "1628907134"
x-hw: 1629199481.cds155.fr8.hn,1629199481.cds052.fr8.c
content-type: image/svg+xml; charset=UTF-8
via: 1.1 google
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: clear
content-length: 610

GET
H2 200 subtitle Show response
www.youmaker.com/v1/api/video/ 35 B
202 B 383ms
291ms XHR
application/json 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/v1/api/video/subtitle?systemid=48897680-5da1-4bf0-a70c-0fd65fa599a2
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 35

GET
H2 200 Youmaker_player_logo.svg
www.youmaker.com/images/ 12 KB
5 KB 124ms
54ms Image
image/svg+xml 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youmaker.com/images/Youmaker_player_logo.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 09c4876d230686046390e0e836d90f43012aad1a55d2919e73af46c049069f5f

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 google
last-modified: Sat, 14 Aug 2021 02:11:28 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
content-encoding: gzip
alt-svc: clear

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/ 402 B
615 B 493ms
399ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/playlist.m3u8
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: ba7fc80641a11909ffb13a78ea0035717e33d507d1737e37f439da84452b4ea2

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 google
server: nginx/1.20.1
x-hw: 1629199481.cds156.fr8.hn,1629199481.cds287.fr8.sc,1629199481.dop202.ch4.r,1629199481.cds087.ch4.c,1629199481.cds287.fr8.p
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=6
accept-ranges: bytes
alt-svc: clear
content-length: 402

GET
H3-29 200 bridge3.474.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 83D6 579 KB
190 KB 21ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.474.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194966
date: Mon, 16 Aug 2021 13:02:15 GMT
expires: Tue, 16 Aug 2022 13:02:15 GMT
last-modified: Mon, 09 Aug 2021 21:33:13 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 15FB 39 KB
20 KB 25ms
24ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=JF4U2g-hvLrBJ_UxdbKj92gN&size=invisible&cb=7a2qr8fbsdc1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bd594e61500c1c8eb4704f91ea842e62fbf40b8f33c9dd5c8fbb11028f7bbf3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ltXCJTaukOIov+XQHtbLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=JF4U2g-hvLrBJ_UxdbKj92gN&size=invisible&cb=7a2qr8fbsdc1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 17 Aug 2021 11:24:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-2ltXCJTaukOIov+XQHtbLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19964
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK db718c9e-cc58-4033-a93c-09a25fc2c9fc
https://www.ntd.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/db718c9e-cc58-4033-a93c-09a25fc2c9fc
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 5299
Content-Type: application/javascript

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 105 KB
33 KB 173ms
60ms Script
application/javascript 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 80dfbb9dafd367452bb64a3611a734fa3757a05d1b0001a42528138cfd2e45f5

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZG_762Ipab.oKgIQuO7lSkr.Yg7KXwNW
Content-Encoding: gzip
Last-Modified: Tue, 17 Aug 2021 08:33:27 GMT
Server: Apache
x-amz-request-id: 45F7FT1J1S2XXGR8
ETag: "bb23b7a9b9bdc9910eaaf8c8401259ed"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=76133
Date: Tue, 17 Aug 2021 11:24:41 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33466
x-amz-id-2: QxnWLdYRI0ITPaxojWVNWAxRrfigGx3oZKOE/QNqDZDNQL5A1Fa3a4jHFqOYcdz9VAdEwlOD5mo=

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/ 126 KB
42 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/50e823fc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 00:18:48 GMT
server: sffe
age: 10148
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42941
x-xss-protection: 0
expires: Wed, 17 Aug 2022 08:35:33 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31cfe53a30f429bf940d747c0804c44f26a4e4d71500d88509c67b808a8ec0a9

Request headers

Origin: https://www.ntd.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 adsct
t.co/i/ 43 B
456 B 413ms
310ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 17 Aug 2021 11:24:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 94a788f678638b871dbf938dfd8e2247bc655e35b74dbed966bfa716664c877d
x-transaction: 4b274843bfced097
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AB9D 36 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 17 Aug 2021 11:46:45 GMT

GET
H2 200 0-6848c2d5e25b5ff4726c.js Show response
js.chargebee.com/v2/ 55 KB
17 KB 57ms
56ms Script
application/x-javascript 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/0-6848c2d5e25b5ff4726c.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-34.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

68880362d1f548529d11929167c92d3985b1f52acfcf5e91cfed2f7dc44eb655

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3ySLA7JcenTnJSZm2qvX1IpuO7oakK88
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 22 Jun 2021 04:49:53 GMT
server: AmazonS3
age: 101
etag: W/"347edad57fde73b260604eece8687b0f"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Tue, 17 Aug 2021 11:23:09 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VomIYo7KJ1DB2YPFRkZ-35JZA41bZNoXNlPzXlhrnRklZobUfP4Lmg==

GET
H2 200 60-7a6c84f8eab985ed6aff.js Show response
js.chargebee.com/v2/ 16 KB
5 KB 58ms
57ms Script
application/x-javascript 13.225.78.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/60-7a6c84f8eab985ed6aff.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.34 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-34.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8aac26847d6f44ad75d67907f6ec951132648ff347dbd15d363c36cdfa7fd0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bRBngpv.dl8e_Kqp24l5uacEX7fRmLbj
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 11 Aug 2021 09:48:25 GMT
server: AmazonS3
age: 144
etag: W/"7dc204a9c68686bbc266a8919f7c8d1e"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Tue, 17 Aug 2021 11:22:18 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: pRxnNy07Hn3JNiuONWKH9-eLlhyOA3k_EIa4lzvbBO_sFoCk1rgecw==

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/ Frame 15FB 52 KB
25 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=JF4U2g-hvLrBJ_UxdbKj92gN&size=invisible&cb=7a2qr8fbsdc1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:52:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:02:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 10:52:33 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/ Frame 15FB 341 KB
133 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 09:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136003
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:02:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 09:19:05 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 53 B
366 B 73ms
24ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=&us_privacy=&gdpr_pd=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 17 Aug 2021 11:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1856
content-length: 169
expires: 60

GET
H2 200 tcb.js Show response
contextual.media.net/ 38 KB
8 KB 101ms
100ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x250%7CT31K017_300x600%7CT31K017_320x100%7CT31K017_728x90&v=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f68d534e00e63d83731732a267a146e2929bf221b988074d74af17f81b18b80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 17 Aug 2021 11:24:41 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
content-length: 7668
expires: Thu, 19 Aug 2021 11:24:41 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 75 KB
4 KB 237ms
129ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=50048614646612441629199481324&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=154127862*175%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*178%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*201%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*203%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*214%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*222%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40154127862*251%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40219315283*175%7C300x250%7C8CUBNN02K%7C219315283_8CUBNN02K%7C%7C%7C1%40219315283*178%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*201%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*203%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*214%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*222%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40219315283*251%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40361572443*175%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*178%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*201%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*203%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*214%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*222%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40361572443*251%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40432445934*175%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*178%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*201%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*203%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*214%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*222%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40432445934*251%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40457067574*175%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*178%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*201%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*203%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*214%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*222%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40457067574*251%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40822340472*175%7C300x250%7C8CUBNN02K%7C822340472_8CUBNN02K%7C%7C%7C1%40822340472*178%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*201%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*203%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*214%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*222%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*229%7C300x250%7C8CU734595%7C375117874%7C%7C%7C1%40822340472*251%7C320x100~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40833186455*175%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*178%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.21006746736601412&tscode=1&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77a9f1b1f89eb4f32f2a47cc1db767c42ec1f710307cd64b9865b619ca3122dd

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 36 KB
2 KB 240ms
132ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=61962165343306561629199481327&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=833186455*201%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*203%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*214%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*222%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40833186455*251%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40839126647*175%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*178%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*201%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*203%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*214%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*222%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*229%7C336x280~300x250~300x600%7C8CU734595%7C815568811~375117874~277543751%7C%7C%7C1%40839126647*251%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40895788568*175%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*178%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*201%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*203%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*214%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*222%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40895788568*251%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.5288471139094748&tscode=1&crid=833186455%2C839126647%2C895788568&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f5b86dbc81458f36066812f23d469fa4b2cba658c39d2909745a21b163c5555

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 15FB 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 41051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 24 Aug 2021 00:00:30 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15FB 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 38505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:42:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15FB 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:30:52 GMT
x-content-type-options: nosniff
age: 39229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:30:52 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 15FB 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=JF4U2g-hvLrBJ_UxdbKj92gN

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5b766ef7c1436dae645920f3a47573d6d0f3705d2f1ab71e519a5fde098efbc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=en&v=JF4U2g-hvLrBJ_UxdbKj92gN&size=invisible&cb=7a2qr8fbsdc1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7ba66af6ac5340ef4843d31e9870f837436ab8bb0088d94c0c34bf87f70ba1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "961 / 859 of 1000 / last-modified: 1629198762"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25195
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
3 KB 196ms
55ms Script
application/javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20210813
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: dfc35b95644e058f86926147896a7974d4ee59416d69ebe4a0ebd0635ffa97ae

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:41 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 17-Aug-2021 11:24:41 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/ntd.com/ 514 B
937 B 1163ms
292ms Script
text/javascript 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/ntd.com/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5ab194e2804e8ca9d20eac03beae4c467375715f8126dbdf3e905b58624ee910

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"202-fikVF3wCpj1RBwC8fU2gC+BC0ig"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 323

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 14 KB
2 KB 125ms
125ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=87235152725125441629199481528&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=154127862*97%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40219315283*97%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40361572443*97%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40432445934*97%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40457067574*97%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40822340472*97%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40833186455*97%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40839126647*97%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40895788568*97%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.24459507655999224&tscode=1&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455%2C839126647%2C895788568&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 757739870d3bba85ee0fe8b324a4ab73820b52247dad1812122c71a6e1ed821b

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 pubads_impl_2021081201.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 182ms
65ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 08:42:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117424
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 58 B
723 B 173ms
62ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ntd.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a6164dfe8fef36a2c1c648bf007b555e49cf318be3afb53dbc437791ed64fbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 83D6 64 KB
15 KB 474ms
361ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x480&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&description_url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&correlator=2992579986737142&iu=%2F5965368%2FNTD_News_Preroll&pageurl=__page-url__&vpa=click&vpmute=0&sdkv=h.3.474.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.0&sdki=44d&adk=1593523825&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.ntd.com%2F115647bc-4889-48c8-a5b8-95584db09574&sid=9C54909F-05A3-4A36-8D79-91A4D970C630&eid=21064201&dt=1629199481555&cookie_enabled=1&scor=348578599772333&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9f5d7084c3341ded4229fc69ee0b2e8c17845e76c00382109b9b8488e89d9393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14459
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jsapi.v5.3.0.en_US.js Show response
static.mixi.media/static/jsapi/ 239 KB
70 KB 229ms
84ms Script
application/x-javascript 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 9b01d2160fc4faa66e40f8a86b7d81ca0c0c9e14969987a793ba1aec17b7231a

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jul 2021 14:20:09 GMT
Server: nginx
ETag: W/"60e5b819-3ba1b"
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 190ms
83ms Script
application/x-javascript 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: 382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Aug 2021 20:46:02 GMT
Server: nginx
ETag: W/"610afc8a-133b9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 199ms
55ms Image
image/svg+xml 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H/1.1 200
OK /
target.mixi.media/init/ 95 B
463 B 277ms
134ms Image
image/png 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=8579097303917
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Target-Version: 2
Date: Tue, 17 Aug 2021 11:24:41 GMT
X-Target-Final: 20210817142441-0
Server: nginx
X-Target-Host: target2-1.ssel21
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00024
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Tue, 17 Aug 2021 11:24:40 GMT

GET
H2 200 playlist.m3u8 Show response
vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/hls_480p/ 751 B
905 B 489ms
489ms XHR
application/x-mpegurl 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/hls_480p/playlist.m3u8
Requested by: Host: vs.youmaker.com
URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: nginx/1.20.1 /
Resource Hash: 02da102aeb3a30d71d420021dea8d530fc66d3415d66c721bf3880c5348723cc

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
via: 1.1 google
server: nginx/1.20.1
x-hw: 1629199481.cds156.fr8.hn,1629199481.cds274.fr8.sc,1629199481.dop027.ch4.r,1629199482.cds194.ch4.c,1629199482.cds274.fr8.p
content-type: application/x-mpegurl
access-control-allow-origin: *
cache-control: max-age=5
accept-ranges: bytes
alt-svc: clear
content-length: 751

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
367 B 79ms
79ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pid=pQVs0a8L2ytdV&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2LG3LpQQvFges9sEIQN4hhE3pP1GnnKvPe0-axxVmi9ZIkvpaN5WAw==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 1 KB
828 B 151ms
48ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: fcf674aec9209cb003cadd179c6c217b73b19511fbc109f636541422fbe34f8b

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:41 GMT
Content-Encoding: gzip
Server: nginx/1.19.0
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 191 B
532 B 179ms
77ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 8121ed21b7ed90b510281e31ce7a4ee8e4b1e38bb0f7f6fde101a12dba5aa35a

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 191
Expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 255ms
122ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32032&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_3830993.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cfa354e5458d5e741989bac1a31f4f6ba09955ab668e8d9b307833232873d884

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
471 B 155ms
52ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_728x90&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 89549e8076d1cb00db2fa89517fb808bbabf7028b1bffe7b36ba3040f72cf541

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
370 B 164ms
70ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360717&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22133f6238535d72c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22141dbf58500a891%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215b4693d2d68988%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216ae9fb00e93036%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 12ffde9f3865e876f25bc93fd34bfe7ab06502486b31ea84a1df9b355a28471f

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[SE], RC:[AB], CN:[EU], CIP:[31.13.191.142], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 10
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
2 KB 263ms
95ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=bbac8a0e-aa97-4718-bc22-9286bd0f6ca9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6425251166603163
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 195638649a210b8d2c35a1163fe160822b77dd255f057a6609307d01809de5ce

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 263
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 114ms
51ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6802899a1f6d16a5-ARN
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 171ms
73ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

35b5bdde8888d18915025184d8b7a427011ba267c011a541752858356b8fcd9c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5ab9b23e-3fe1-43e3-8414-dfb35f19b65b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
366 B 133ms
133ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pid=pQVs0a8L2ytdV&cb=1&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: uZbB9-cm4lo00uq9Y_Dx2sFwoj_nfMRPCt0-RWrCQHcWYtYnveqDsg==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 191 B
532 B 161ms
65ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: a90a064b8ed4756aa80fc2238b81a5e440857d05a8ab3eade1b9c539adebc024

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 191
Expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
370 B 156ms
73ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360718&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223146a617fcfd2b3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232ecc73b0ebc535%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233c61b9cd8f5ca4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 23c7d0c8768ff2ad8b15c79e9bab374f8cc506286b97b172e02e4b41a1d796f4

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[SE], RC:[AB], CN:[EU], CIP:[31.13.191.142], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 10
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 238ms
78ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=c5eb3e9e-1d4c-4313-b23b-48661874e327&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6037920642684571
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9385cd31b20019e2487aafaca92d75aae2203268ff3731e5f0237c435428ad07

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 237ms
139ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c12c0300d95f68070bca50f1776b404962166db26b325c6291488ae39a78f9b6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 35c895ec-77f2-4d0d-8530-61e3df821abe
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 213ms
96ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_3830993.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0bcdaf5deefd6c48b883440c74c11521cd5ac062b4da70a8188eb5860e941302

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
281 B 95ms
42ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6802899a1f7016a5-ARN
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
471 B 154ms
52ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 2111cb86a447718681fdf6f253f4c440553f16a833fd233e7ca3011ad18370ae

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
366 B 94ms
94ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pid=pQVs0a8L2ytdV&cb=2&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: S8e5t7KNbYufV_2GuHGTfPYUt9QbdBHeA0_YL3y_cRt6I77-mC-ffA==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 191 B
532 B 182ms
85ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: c5ba8dcd4107103108ae81e5ae3b3c1fca1ae72923cd3fd9b4cbbe544ac58ed4

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 191
Expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 261ms
151ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_3830993.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a053efe52df0368d35df4bafa40589c696613ea89b1bd6cbc24fd83b0d036e21

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
471 B 152ms
52ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 3f5ca4dd801b8208f20d117efa9b2b745466409f0c94a6d8b32dcdc8599658b0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 174ms
76ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f8277ebd4ab8c6f66b0ab5472389c3001af4ca9cdf85e9089a6ba750cc8f6b1f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8698635c-8618-4e59-8639-a873e6017792
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 237ms
77ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=56c0ffc9-5b14-4f3a-8fa1-c49d2eceb9a3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05492030859865005
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1520d2488866fa3228ea151928ddd5893bc72125ffa8e489726ebafa5714e2f1

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 96ms
51ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6802899a1f7116a5-ARN
access-control-allow-headers: Content-Type, Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
370 B 140ms
67ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2262d3775f04c0efc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263d23d736d8fce3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22642c9aec5ba1814%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b9725b70579e8a79d54ca6705662e611712cb1a82ecb369ef76d9a119e65ee5d

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[SE], RC:[AB], CN:[EU], CIP:[31.13.191.142], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 10
expires: Tue, 17 Aug 2021 11:24:41 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 94ms
93ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pid=pQVs0a8L2ytdV&cb=3&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%5D&cfgv=0&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: E8ILAzm3RBgp8EF2N6QzzjiovGYy-b6xjOnZkDK4Kn9QVaIdKyymAA==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 191 B
532 B 177ms
81ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.19.0 /
Resource Hash: 4866e21a4f60c3d8fde543ae5e0907d567a29242a80e498f36cff60551c1ec65

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx/1.19.0
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 191
Expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 257ms
157ms XHR
application/json 54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.theepochtimes.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_3830993.html&ns=10240
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 89af0d630ba20c4dc2c3d15dcaf42832cc51bd0522bf2cb42feffbe628915876

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.ntd.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
35 B 83ms
47ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 17 Aug 2021 11:24:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 6802899a1f7216a5-ARN
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
471 B 175ms
52ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: da8c27ceed8f584e94037f3ab3d66b977ff0c51c916432696ba72e361247abbe

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
370 B 137ms
73ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360722&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2279efed8c05b0847%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22804877db3b6acbc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2281b288a02a25499%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c69291a419bd01a66e87fb22bedbfeaf2d58bba493f61d8437134556b3037a5c

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[SE], RC:[AB], CN:[EU], CIP:[31.13.191.142], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 10
expires: Tue, 17 Aug 2021 11:24:41 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 218ms
74ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c71b62fb6d05552af52e2f65988acf272a75a518a90e9eafff3c5bb9db0f6791

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 726855f0-6019-46af-93f2-334edbb6f870
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 3 KB
3 KB 311ms
93ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=8bdf4233-bcbc-42d1-9a6b-9932a540de63&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7631483438001547
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3cf18665fe0d2dc0aef2d3155751d541e87b20bc8e585040373e29986fda24a0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1579
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
265 B 146ms
86ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e2bd241ffb0a420a0f17fd12bf34e1a2293e4f3c34eb0b47b8886c6c556f0d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 966D 6 KB
3 KB 50ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 17 Aug 2021 11:24:41 GMT
expires: Wed, 17 Aug 2022 11:24:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 55ms
54ms Script
application/javascript 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxIkZDc3NzdlOTgtYWQ5NC00ZjMwLTlkNzEtNDA0ZWI5MmE2NjNjGLL27J61LyIkYTNkYzlhZTgtNmMwNC00NDNiLTk4ZTUtZDFkNDFkMDM5M2E2&cb=_callbacks____0ksfzb1ol
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: 218e2b2c810635f1fd22e58481850f3830499925ea8083309330a355161c964b

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 3 KB
2 KB 142ms
141ms XHR
application/json 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.3.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: f192c8e02e0373406e39422eb87f9b16b711d375c518b6c56950cb742a460835

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Content-Encoding: gzip
Last-Modified: Tuesday, 17-Aug-2021 11:24:42 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Node: ads4-3ssel30

GET
H/1.1 404
Not Found /
mixi.media/cookiematching/ 0
0 158ms
54ms Image
text/html 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGQ3Nzc3ZTk4LWFkOTQtNGYzMC05ZDcxLTQwNGViOTJhNjYzYxoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjI5MTk5NDgxNjUwGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGEzZGM5YWU4LTZjMDQtNDQzYi05OGU1LWQxZDQxZDAzOTNhNhoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1629199481984
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 162ms
56ms XHR
text/plain 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BF3D 14 KB
5 KB 422ms
57ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=57381
expires: Wed, 18 Aug 2021 03:21:03 GMT
date: Tue, 17 Aug 2021 11:24:42 GMT
vary: Accept-Encoding

POST
H2 204 csi
csi.gstatic.com/ Frame 83D6 0
348 B 771ms
164ms Ping
image/gif 142.250.68.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ksfzb1d5&c=2559838718364&slotId=1279919359182&qqid=COudgYP5t_ICFavquwgdtD8CgA&gqid=eZwbYYnMKsqdlQfu76XoCQ&fb=ima_html5-lima&sdkv=h.3.474.0&ppt=videojs-ima&ppv=1.8.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=21064201&met.4=ghmsh_s.ksfzb1s3~ghmsh_s.ksfzb1s4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=7_9J8jNgeQbp7ReB
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.68.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: dfw25s41-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gm_help_outline_white_24dp.png
fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/ Frame 83D6 412 B
435 B 21ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/gm_help_outline_white_24dp.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 05:38:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 2020 06:06:13 GMT
server: sffe
age: 20797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Wed, 17 Aug 2022 05:38:05 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 83D6 42 B
350 B 19ms
19ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeKI-eZwbYav9K6vV7_UPtP-IgAjig63iY6PNo5G2DrCQHxABIJDV6CFg8a38haQfoAGs7ZSFA8gBBakCIonlSLnufj7gAgCoAwGYBACqBNwCT9Atiu5-TXdSBjb0RPVn0V9yKQ15laZwMJl8gy9TJy0w1CBbpe6mrIOaJe1wefoa04ze_P72eifL75vf-ZxiZIu6jYg2OsA1ibBTauaJ81U74e1vDAVNvXz8uU9120x_NH23hrcdyhnrbcO_X-HU_8QRFUbSjzjhOhkyU1r_cuiwypipyzdZ2uSV8Fn42KAHoYklEyJxwLIsJAa3zxs_FjyQfHbNV5ZcI-4Y7lcQ15s39FhplUb9_Lye5i0EZMkNfF30DCjMEcvkdqFLfQzTnU_E5CEDAG5wTAKom1T25WbH5ntGyt_sJb173xj-uGcMZ7B_kx8pxh90FH4eaC6kwep2ZJxNubIhildTfDs2wqmDlrgxVmlOJR7SEhqvEvbKj9SD7-qSXEgaMgtFYBhtQSc1WNsQfbos3Eh4Xj4fJs0ALpGx96mURRelAWhOfDQ4pEoI3q_sEie8ZzMLwATpnNv3yAPgBAGgBlOAB7yS63qoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwHSCAkIiOGAEBABGB2xCT5gJNWD_Gl1gAoDmAsByAsB0AsPuAwB2BMT0BUBgBcB&sigh=A3PjypNfB48&label=show_ad&acvw=&sdkv=h.3.474.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ5NTU2ODA4NjY5MTIMNTM0NDE3NjcwMjc2QOUDUh0QDyUAAOBAKAE6B3Vua25vd25CB3Vua25vd25QABgB

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 83D6 0
0 135ms
75ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C7TOXeZwbYav9K6vV7_UPtP-IgAjig63iY6PNo5G2DrCQHxABIJDV6CFg8a38haQfoAGs7ZSFA8gBBakCIonlSLnufj7gAgCoAwGYBACqBNkCT9Atiu5-TXdSBjb0RPVn0V9yKQ15laZwMJl8gy9TJy0w1CBbpe6mrIOaJe1wefoa04ze_P72eifL75vf-ZxiZIu6jYg2OsA1ibBTauaJ81U74e1vDAVNvXz8uU9120x_NH23hrcdyhnrbcO_X-HU_8QRFUbSjzjhOhkyU1r_cuiwypipyzdZ2uSV8Fn42KAHoYklEyJxwLIsJAa3zxs_FjyQfHbNV5ZcI-4Y7lcQ15s39FhplUb9_Lye5i0EZMkNfF30DCjMEcvkdqFLfQzTnU_E5CEDAG5wTAKom1T25WbH5ntGyt_sJb173xj-uGcMZ7B_kx8pxh90FH4eaC6kwep2ZJxNubIhildTfDs2wqmDlrgxVmlOJR7SEhqvEvbKj9SD7-qSXEgaMgtFYBhtQSc1WNsQfbos3Eh4Xj4fJs0ALpHp9nMi1sWck6uvywzCE1nmbLUMiBekwATpnNv3yAPgBAGgBlOAB7yS63qoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQ9-6YAdIICQiI4YAQEAEYHYAKA8gLAdgTE9AVAYAXAbIXHgocCAASFHB1Yi0zOTkwMTgwMTU3MTgzMDAyGMDcDA&sigh=p2PPPrDlvRw&cmd=Ch1jYS12aWRlby1wdWItMzk5MDE4MDE1NzE4MzAwMhAAGAI&vt=10&sdkv=h.3.474.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ5NTU2ODA4NjY5MTIMNTM0NDE3NjcwMjc2QOUDUh0QDyUAAOBAKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 724ms
164ms Ping
image/gif 142.250.68.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~ksfzb0yo&c=2559838718364&slotId=1279919359182&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.68.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: dfw25s41-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 9295863.jpeg
static6.mixi.media/img/400x300/ 28 KB
28 KB 234ms
92ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/9295863.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 79ff3af8f124da212eb1aa97c3316cc6a185bb5f55eb974a9923a87258b8b294

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Last-Modified: Mon, 16 Aug 2021 15:03:29 GMT
Server: nginx
ETag: W/"611a7e41-c0e2"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28355
Expires: Wed, 16 Aug 2023 15:03:46 GMT

GET
H/1.1 200
OK 9263700.jpeg
static6.mixi.media/img/400x300/ 25 KB
25 KB 224ms
82ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/9263700.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: b49a2c5dc989a38fd6e1ca1b0281682ba7d8e513d0f782873ea78c574b700be1

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Last-Modified: Thu, 05 Aug 2021 15:28:55 GMT
Server: nginx
ETag: W/"610c03b7-63c1"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25354
Expires: Sat, 05 Aug 2023 15:29:41 GMT

GET
H/1.1 200
OK 9280092.jpeg
static3.mixi.media/img/400x300/ 45 KB
45 KB 470ms
82ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/9280092.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: a5e0e9a0ef200fe532e2cadbce0480d0f46f6d6a2036120681ccf430012fc58e

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Last-Modified: Wed, 11 Aug 2021 06:20:01 GMT
Server: nginx
ETag: W/"61136c11-1a638"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46158
Expires: Fri, 11 Aug 2023 06:20:12 GMT

GET
H/1.1 200
OK 9096086.jpeg
static3.mixi.media/img/400x300/ 12 KB
12 KB 555ms
57ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.mixi.media/img/400x300/9096086.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: c20e8e9b2a638d8982711e81739b3124144126918af7b4882d85bfaa1ca7e37e

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Last-Modified: Sun, 13 Jun 2021 23:49:46 GMT
Server: nginx
ETag: "60c6999a-2e37"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11831
Expires: Tue, 13 Jun 2023 23:50:08 GMT

GET
H/1.1 200
OK 8978330.jpeg
static7.mixi.media/img/400x300/ 37 KB
38 KB 470ms
82ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/8978330.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: 2d3682f228d657de7644e13edc51d49607c99cfe29d17de53ff795f2b2ea64f2

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Last-Modified: Wed, 12 May 2021 05:26:01 GMT
Server: nginx
ETag: W/"609b66e9-150c3"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38310
Expires: Fri, 12 May 2023 05:26:07 GMT

GET
H/1.1 200
OK 9249475.jpeg
static2.mixi.media/img/400x300/ 14 KB
15 KB 1225ms
81ms Image
image/jpeg 136.243.217.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/9249475.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.217.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi1-1.sfa50.mixi.media
Software: nginx /
Resource Hash: defb0d777e64580ce9c6657e8d7401cd3a594529c6f1cc37095a99fca8aacb75

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:43 GMT
Last-Modified: Sun, 01 Aug 2021 07:38:43 GMT
Server: nginx
ETag: W/"61064f83-38a8"
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14766
Expires: Tue, 01 Aug 2023 07:39:10 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr3---sn-4g5ednld.googlevideo.com/
Redirect Chain

https://rr3---sn-5goeen7y.googlevideo.com/videoplayback?expire=1629228281&ei=eZwbYZ26OpqF1wKkm4DACQ&ip=31.13.191.142&id=81799d3b4ef12a78&itag=22&source=youtube&requiressl=yes&mh=EO&mm=31&mn=sn-5goe...
https://rr3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1629228281&ei=eZwbYZ26OpqF1wKkm4DACQ&ip=31.13.191.142&id=81799d3b4ef12a78&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctie...

188 KB
0

103ms
90ms

Media
video/mp4

2a00:1450:4001:5d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1629228281&ei=eZwbYZ26OpqF1wKkm4DACQ&ip=31.13.191.142&id=81799d3b4ef12a78&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1628288788080861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGH1cBjjIGVOuXVu-Mfo6pdOynT8CaXEFcwshPv3xk3gCIGp1zzvTK5HwDsX_5R1K3MaEDNhtP4ay6F4rw0TdhoUo&cpn=7_9J8jNgeQbp7ReB&redirect_counter=1&rm=sn-5gole7s&req_id=405fcfdea1af36e2&cms_redirect=yes&ipbypass=yes&mh=EO&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1629199239&mv=m&mvi=3&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANcQtgY7SNkYSALYmsfbHbyCJl0r07j5a-PNhnor9lIhAiA8LzEI6X2-J1B77HRx5vuwLUCVrfTMX-EtB6ZZ23nljw%3D%3D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Aug 2021 22:26:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-332050/332051
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 332051
Expires: Tue, 17 Aug 2021 11:24:42 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr3---sn-4g5ednld.googlevideo.com/videoplayback?expire=1629228281&ei=eZwbYZ26OpqF1wKkm4DACQ&ip=31.13.191.142&id=81799d3b4ef12a78&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=6.060&lmt=1628288788080861&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGH1cBjjIGVOuXVu-Mfo6pdOynT8CaXEFcwshPv3xk3gCIGp1zzvTK5HwDsX_5R1K3MaEDNhtP4ay6F4rw0TdhoUo&cpn=7_9J8jNgeQbp7ReB&redirect_counter=1&rm=sn-5gole7s&req_id=405fcfdea1af36e2&cms_redirect=yes&ipbypass=yes&mh=EO&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5ednld&ms=au&mt=1629199239&mv=m&mvi=3&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANcQtgY7SNkYSALYmsfbHbyCJl0r07j5a-PNhnor9lIhAiA8LzEI6X2-J1B77HRx5vuwLUCVrfTMX-EtB6ZZ23nljw%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 15 KB
2 KB 130ms
130ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=39103428399132661629199482133&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=812916687*175%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*178%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*201%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*203%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*214%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*222%7C728x90~970x90%7C8CUBNN02K%7C812916687~812916687%7C%7C%7C1%40812916687*229%7C970x250~728x90%7C8CU734595%7C247181456~182703547%7C%7C%7C1%40812916687*251%7C970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.0030904878818032167&tscode=1&crid=812916687&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22812916687%22%3A%7B%22supply_tag_id%22%3A%22article_top_ads_inner%22%2C%22xps%22%3A800%2C%22yps%22%3A135%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 61e4956999b77070d064e08381db56f4ffc860efa5b457ff07b4d1a9650b23eb

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 2 KB
1 KB 126ms
126ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=19620389437106011629199482135&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=812916687*97%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.7581991970337834&tscode=1&crid=812916687&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22812916687%22%3A%7B%22supply_tag_id%22%3A%22article_top_ads_inner%22%2C%22xps%22%3A800%2C%22yps%22%3A135%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5839ccc0e7529b4f4945cfe7163f363e0cae2e44bd9cbad0cd8c2820bbdb58d1

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 13 KB
2 KB 128ms
128ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=65421898583022941629199482211&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=445443433*175%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*178%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*201%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*203%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*214%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*222%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40445443433*251%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.2469387289965459&tscode=1&crid=445443433&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22445443433%22%3A%7B%22supply_tag_id%22%3A%22right_column_ad_0%22%2C%22xps%22%3A1214%2C%22yps%22%3A374%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7cc612204e573284cd594bf8102834cff57671a656b2b082d479e059853c9f4b

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 2 KB
1 KB 127ms
127ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=78804340857717531629199482212&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=445443433*97%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.23488494783623048&tscode=1&crid=445443433&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=SE&ct=STOCKHOLM&rc=AB&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22445443433%22%3A%7B%22supply_tag_id%22%3A%22right_column_ad_0%22%2C%22xps%22%3A1214%2C%22yps%22%3A374%7D%7D&encryptionVersion=0.0
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc2462d1567bd55cd70a1593c4411be36f62284cd181b6ad800585b3a113d868

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
BLOB 200
OK 0370592b-b873-46b9-b885-ce413ce8904b
https://www.ntd.com/ 51 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ntd.com/0370592b-b873-46b9-b885-ce413ce8904b
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4876add1f3b7a1218d91c56cba2d3045fa4a3b43b1c67480ceb5bc933dc99ca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 52449
Content-Type: application/javascript

GET out0000.ts
vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/hls_480p/ 0
0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 97ms
97ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3174365396658028&correlator=3690320600400626&output=ldjh&impl=fifs&eid=31061423%2C31062230%2C31062276%2C31061181%2C31061425%2C676982961%2C20211866%2C31062180%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210817&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2%26mnetPageID%3D10%26mnetCC%3DSE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUBNN02K%26mnetDNB%3D1&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_news_exclusive-6030%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie=ID%3D25c0bce7e30a9311-22ecfb06a5c80024%3AT%3D1629199482%3AS%3DALNI_MY6EAdgGllJ9Z4VgbcKfFHsdDcTgA&bc=31&abxe=1&lmt=1629199482&dt=1629199482334&dlt=1629199479767&idt=2065&frm=20&biw=1600&bih=1200&oid=3&adxs=200&adys=135&adks=1030851624&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x0&msz=1200x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1464338981.1629199481&ga_sid=1629199482&ga_hid=238874735&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1e87164c4a010d5d11c72b954fc26b1e1f26d7bd8ae5be9df59e54496446d070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8132
x-xss-protection: 0
google-lineitem-id: 5603010683
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138338252183
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 83D6 42 B
64 B 64ms
64ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGA6EeZwbYav9K6vV7_UPtP-IgAjig63iY6PNo5G2DrCQHxABIJDV6CFg8a38haQfoAGs7ZSFA8gBBakCIonlSLnufj7gAgCoAwGYBACqBNkCT9Atiu5-TXdSBjb0RPVn0V9yKQ15laZwMJl8gy9TJy0w1CBbpe6mrIOaJe1wefoa04ze_P72eifL75vf-ZxiZIu6jYg2OsA1ibBTauaJ81U74e1vDAVNvXz8uU9120x_NH23hrcdyhnrbcO_X-HU_8QRFUbSjzjhOhkyU1r_cuiwypipyzdZ2uSV8Fn42KAHoYklEyJxwLIsJAa3zxs_FjyQfHbNV5ZcI-4Y7lcQ15s39FhplUb9_Lye5i0EZMkNfF30DCjMEcvkdqFLfQzTnU_E5CEDAG5wTAKom1T25WbH5ntGyt_sJb173xj-uGcMZ7B_kx8pxh90FH4eaC6kwep2ZJxNubIhildTfDs2wqmDlrgxVmlOJR7SEhqvEvbKj9SD7-qSXEgaMgtFYBhtQSc1WNsQfbos3Eh4Xj4fJs0ALpHp9nMi1sWck6uvywzCE1nmbLUMiBekwATpnNv3yAPgBAGgBlOAB7yS63qoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwHSCAkIiOGAEBABGB2ACgPICwHYExPQFQGAFwE&sigh=GO36H_WWaY4&cmd=Ch1jYS12aWRlby1wdWItMzk5MDE4MDE1NzE4MzAwMhAAGAI&label=videoplayfailed400&acvw=&sdkv=h.3.474.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ5NTU2ODA4NjY5MTIMNTM0NDE3NjcwMjc2QOUDUh0QDyUAAOBAKAE6B3Vua25vd25CB3Vua25vd25QABgB

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 83D6 42 B
64 B 64ms
64ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CeKI-eZwbYav9K6vV7_UPtP-IgAjig63iY6PNo5G2DrCQHxABIJDV6CFg8a38haQfoAGs7ZSFA8gBBakCIonlSLnufj7gAgCoAwGYBACqBNwCT9Atiu5-TXdSBjb0RPVn0V9yKQ15laZwMJl8gy9TJy0w1CBbpe6mrIOaJe1wefoa04ze_P72eifL75vf-ZxiZIu6jYg2OsA1ibBTauaJ81U74e1vDAVNvXz8uU9120x_NH23hrcdyhnrbcO_X-HU_8QRFUbSjzjhOhkyU1r_cuiwypipyzdZ2uSV8Fn42KAHoYklEyJxwLIsJAa3zxs_FjyQfHbNV5ZcI-4Y7lcQ15s39FhplUb9_Lye5i0EZMkNfF30DCjMEcvkdqFLfQzTnU_E5CEDAG5wTAKom1T25WbH5ntGyt_sJb173xj-uGcMZ7B_kx8pxh90FH4eaC6kwep2ZJxNubIhildTfDs2wqmDlrgxVmlOJR7SEhqvEvbKj9SD7-qSXEgaMgtFYBhtQSc1WNsQfbos3Eh4Xj4fJs0ALpGx96mURRelAWhOfDQ4pEoI3q_sEie8ZzMLwATpnNv3yAPgBAGgBlOAB7yS63qoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwHSCAkIiOGAEBABGB2xCT5gJNWD_Gl1gAoDmAsByAsB0AsPuAwB2BMT0BUBgBcB&sigh=A3PjypNfB48&label=video_ad_loaded&acvw=&sdkv=h.3.474.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ5NTU2ODA4NjY5MTIMNTM0NDE3NjcwMjc2QOUDUh0QDyUAAOBAKAE6B3Vua25vd25CB3Vua25vd25QABgB

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 476ms
476ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3174365396658028&correlator=3690320600400626&output=ldjh&impl=fifs&eid=31061423%2C31062230%2C31062276%2C31061181%2C31061425%2C676982961%2C20211866%2C31062180%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210817&iu_parts=5965368%2Cntd.tv_336x280-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=first_article%3Dtrue%26amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.00%26hb_adid_rubicon%3D878428acbad99a1%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.00%26hb_adid%3D878428acbad99a1%26hb_bidder%3Drubicon%26mnetPageID%3D11%26mnetCC%3DSE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUBNN02K%26mnetDNB%3D1&eri=1&cust_params=ENTD_category%3Dcoronavirus-outbreak-28902%252Cchina-10%252Cnews-8%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_news_exclusive-6030%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie=ID%3D25c0bce7e30a9311-22ecfb06a5c80024%3AT%3D1629199482%3AS%3DALNI_MY6EAdgGllJ9Z4VgbcKfFHsdDcTgA&bc=31&abxe=1&lmt=1629199482&dt=1629199482412&dlt=1629199479767&idt=2065&frm=20&biw=1600&bih=1200&oid=3&adxs=1028&adys=374&adks=2760480871&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=372x0&msz=372x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1464338981.1629199481&ga_sid=1629199482&ga_hid=238874735&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e352656650831260fbac2fea58f74e33a5168e2171eb0708fed6e08dcae6b6d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8100
x-xss-protection: 0
google-lineitem-id: 5736680632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138359313449
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BF3D 0
42 B 173ms
57ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86410519&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-length: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 15C4 0
0 76ms
75ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyKOzrORrMQpDSrmlvDqciJq4aoXbdn-JIYHNy0Fz28qSpyX-elbie7JthteqbYKlGnvrI1T1KucMW4h7XOKjUHWktwPGYlkrTObzoGVn9DIn8xJWZjB-jk2xPniy9nn5y9nA8GSJ9cxRjDAxcMI0STZ0IbSgCxIM7LRUo725PSUiCgVVg3N0lfJ4Y00EDNaBMWqO3iqXucRX99zvQMnGBfokZmXVnzdeZ_RWvIIiIJ8FXwbO6TvWMv8BghskQNqEElWwNIt3TCNcC0DJrIC5Rrv1nTbH1gm7GLJT-cYA9mI6JIpl52JxdlqAhAD0CrV_x_RJBKsiyXfVJF7UyKbfrTQuDnQZ-iNrrrICnN7zbUzRiBsk&sig=Cg0ArKJSzCeIwpukcxICEAE&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15C4 124 KB
37 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H2 200 10867798145211662034
tpc.googlesyndication.com/simgad/ Frame 15C4 235 KB
236 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10867798145211662034?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70852ff42f7166bd99f142e468d896c0ac9d55a4814d8246ead18f494ad6539f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 18:33:10 GMT
x-content-type-options: nosniff
age: 233492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241002
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 18:42:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Aug 2022 18:33:10 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113446242536"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 15C4 0
0 139ms
77ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDShG8z04OP1SQ2cHUNd7TrXWkIM6b7plO6bmU3fG_NMe4RH6TPvMaTK-xpsJEWHKhHzlo_pFMGr_lChW52Du41UB2lxQy_cBRr5aRKS6bFq1962zBrrozPurweopy7hzZHOUlVV-OZfrGa0xv_z3PzqpxAUAhviLzddJDylXdziXT2l6n8fLILy-BMVnaj6PSfbnxvw0NkPpZ_LKa906K3rBuzYwi_IP45FBtgdVocFhILmA5RlLJvgbl1WPITJ6x1hQ0s6NyNQOfEWOGbeqk5-W8hNUd-G5rgVtQ--o6BUodXsGzk4WmDBt8gnTpvWi5Jl4U-t8eZjgG&sig=Cg0ArKJSzIjJwoxDTum-EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
DATA 200
OK truncated
/ Frame 15C4 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d96d7067d198fc50c66c3c2175a7ffef66e4fdc6440261950acfbd863e87a55d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 95ms
64ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 83D6 0
54 B 214ms
165ms Ping
image/gif 142.250.68.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ksfzb1sd&c=2559838718364&slotId=1279919359182&qqid=COudgYP5t_ICFavquwgdtD8CgA&gqid=eZwbYYnMKsqdlQfu76XoCQ&fb=ima_html5-lima&sdkv=h.3.474.0&ppt=videojs-ima&ppv=1.8.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.ksfzb1se~err.ksfzb210&aec=400
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.68.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: dfw25s41-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK view Show response
api.dable.io/logs/services/ntd.com/users/83064965.1629199482533/ 54 B
285 B 296ms
296ms Script
text/javascript 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/ntd.com/users/83064965.1629199482533/view?url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=618591&items%5B0%5D%5Bc1%5D=CCP%20Virus&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.theepochtimes.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_3830993.html&cid=83064965.1629199482533&z=73604&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK 83064965.1629199482533 Show response
api.dable.io/widgets/id/Ql9OO5o4/users/ Frame 18CB 37 KB
6 KB 849ms
557ms Document
text/html 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 008d405c18b167829ca35b48d59a9f1de2fd145f424e04eba1de729669565563

Request headers

Host: api.dable.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uid=83064965.1629199482533; _skp=1; _gg_ck_match=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Aug 2021 11:24:43 GMT
Server: nginx
Content-Length: 6250
Connection: keep-alive

GET
H/1.1

200
OK

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=83064965.1629199482533
https://act.ds.kakao.com/match2?d=111&uid=83064965.1629199482533&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2283064965.1629199482533%22%2C%22t%22%3A%2220210817%22%7D%7D

0
572 B

1865ms
309ms

Image
image/avif

203.133.167.207
DAUM-NET Kakao Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://act.ds.kakao.com/match2?d=111&uid=83064965.1629199482533&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2283064965.1629199482533%22%2C%22t%22%3A%2220210817%22%7D%7D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 203.133.167.207 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software: analytics /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Server: analytics
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/avif;charset=UTF-8
Content-Length: 0
X-Application-Context: analytics
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Server: analytics
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Location: https://act.ds.kakao.com/match2?d=111&uid=83064965.1629199482533&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2283064965.1629199482533%22%2C%22t%22%3A%2220210817%22%7D%7D
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 0
X-Application-Context: analytics
Expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEOu_dFmUxoCPa9h9fCUChX8&google_cver=1

35 B
195 B

900ms
299ms

Image
image/gif

52.78.61.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEOu_dFmUxoCPa9h9fCUChX8&google_cver=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.61.184 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-61-184.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:43 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEOu_dFmUxoCPa9h9fCUChX8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ 49 B
509 B 189ms
46ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D0%26gdpr%3D%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:42 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1FC 0
0 75ms
75ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQBYDn6H66BZs23zAh2WxrV0jJwZODrPW693laFNR699dZAoiNhO1gDe-DEN04nR8ZxpaABAVGCxAyJ8Vq25dhsJpWGabwxGz84xzxprUHHnEc2TLek8TcTi0zB0cJkxsEwLos_PzIxb5ARuXxkyVddmdgRVb22KI3A1n1wDyMoHPxvuIRauqRAYdUrDNdnpGCsnaiKeWCm4hw6wA9Q5UVPs1hA9WoBZJICCIaXCKzRMRNQxahgYj3FxNW6A2ozUnvMG1sjJ4KqBal-zDYdqj_iWmyB99tNllBLHYMcFmJRohVEc4hERrFoozwWRIu2Qr1PAqwSOAsIG-E1l2M&sig=Cg0ArKJSzNjEpFvlMCpWEAE&urlfix=1&adurl=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1FC 124 KB
37 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629113426487594"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38194
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
H3-29 200 9625257800548724902
tpc.googlesyndication.com/simgad/ Frame A1FC 193 KB
193 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9625257800548724902?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f656f191ff333e55fdf3c8636c22088db3eb99e15e38b22d3272fcb410126f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 14:02:50 GMT
x-content-type-options: nosniff
age: 163312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197137
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 17:33:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 14:02:50 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1
https://ib.adnxs.com/prebid/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=8d84633c-cd19-4dfe-8706-e5ebe9281b42

43 B
1 KB

55ms
54ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=8d84633c-cd19-4dfe-8706-e5ebe9281b42

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:43 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 795a9b9f-36d9-45dd-bb20-bbe88b2b2f4d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:42 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ib.adnxs.com/prebid/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=8d84633c-cd19-4dfe-8706-e5ebe9281b42
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tti0rjbjknk2eihhavetasgou9r0lved

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A1FC 0
0 77ms
77ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4_W5SGxDsXsqDgUKFcWUH9rleg4zlxjm4QNoH_jnPojaBZ7f5xh2phdurLKvmBLJ5Szr0RMVO40D891wJqC-lI7AAmrU8B6dqh2WI5QEzEUxRkf8wpgxfkEewyrPi7LoSjYxuI901idBxAsVm6GZGQBeoMGtIO62hdE32vjNx1xUxvmHQgIv12rEWo4sI5IcO2y3vU7juf4MK3r5Z1C36oltu9BTNLkWgh0NoRAPnNcQ39njIQasWDZCeX9NhUEPVWWk_h0YbnNItg0J57nUBTHh2dwi13d8ysZ-lcJCGvJhU1QKdoz0w8y-Mjay2VGWT&sig=Cg0ArKJSzHlhNjP6q_8aEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 17 Aug 2021 11:24:42 GMT

GET
DATA 200
OK truncated
/ Frame A1FC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca1eed3a34484a876d71cf8788086134cf755e4fd9244333af83be76e6dfab16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3174365396658028&vrg=2021081201&nw_id=5965368&nslots=9&eid=31061423%2C31062230%2C31062276%2C31061181%2C31061425%2C676982961%2C20211866%2C31062180%2C31062297&pub_url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&qid=CJ-kqYP5t_ICFUcJiwody84F0g&iu=%2F5965368%2Fntd.tv_article_header_728x90&e=0&ret=970x250&req=970x250%7C970x90%7C728x90&bm=0&efh=1&stk=0&ifi=3

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15C4 42 B
64 B 36ms
36ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP59FJX0AZER_UKVqMEz4twXcBx7sNV1TH0eotzM8fjUgEF_EtIajSLEBAk8q3JVQ3maW9TWsk7TfzOywEgk8qrwskLqRogyE1dPZbLlcM_8om2suS&sig=Cg0ArKJSzOkaC7SqN38wEAE&id=lidar2&mcvt=1000&p=135,315,385,1285&asp=135,315,385,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210816&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1030851624&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629199482443&rpt=79&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 18CB 830 B
846 B 67ms
66ms Stylesheet
text/css 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: 87CA1C314AC3F073
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Date: Tue, 17 Aug 2021 11:24:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: IAudwbOcdUNZa0doZ74lzbKGP1eLsh0DNubahYtViHiW8KVnyjVYQ0/FmhiQ9cdX89VdgPFoe5k=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame 18CB 73 KB
10 KB 124ms
56ms Stylesheet
text/css 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?202106141538
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vhEKAQMtMwHCbv1zntOLld7ykyHm2Ieo
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 08:27:13 GMT
Server: Apache
x-amz-request-id: H3GSJ3XSS7B7MSGG
ETag: "b21f082c8bf7c670dc2314e542e4dcd4"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 17 Aug 2021 11:24:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10090
x-amz-id-2: CV49zchxyfrJ7A0uDlnesP8HJgUzPO5F5jg+mvemxg6m3fTF41RU5lMczudu2y1+N0FssM5UFFQ=

GET
H2 200 css
fonts.googleapis.com/ Frame 18CB 4 KB
714 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 09:35:34 GMT
server: ESF
date: Tue, 17 Aug 2021 11:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H/1.1 200
OK 71bfe99e1769491e83e7c7c3868c0c77cb005.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/4eb/ Frame 18CB 8 KB
8 KB 220ms
96ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/4eb/71bfe99e1769491e83e7c7c3868c0c77cb005.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cbea61d61b4b708c379dd49015e2baa7d72f61a8070c885b84bbe888d1b14992

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jbn_V6O3DRgUcEE.LxawTQTlP_tgSjcc
ETag: "3780eb6ad98693949708e62a2e230ce0"
x-amz-request-id: MKKVYQRHPGYJAD7X
Connection: keep-alive
Content-Length: 7776
x-amz-id-2: 3jlnLHrH8UIWc+jICKuaGABkbfBxb4bZqpXFgJIVAZaja3mXRCeigohAoI4C44Vve9hqs/4VG3Y=
Last-Modified: Wed, 04 Aug 2021 02:39:58 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 2022556f75baa6971ed8befb8b397228e06f6.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/849/ Frame 18CB 3 KB
4 KB 233ms
109ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/849/2022556f75baa6971ed8befb8b397228e06f6.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37512989c98421880ed372bf6b8b2e245b0d9dcbb65bf82d406063bdc2cdcbd1

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7S.RrVYYkvajN3_eY3vTqXRDoakiXXFu
ETag: "9cac35315ca977983a2c3c377c9cb520"
x-amz-request-id: 9DAEVC358FNHN4FS
Connection: keep-alive
Content-Length: 3082
x-amz-id-2: oS0oLiyNzMeD5x3vsixdvvAcDRwNnEb6u839eXku1zfm9wuenb/q2l2bPpkZLAnQUjdcbPZnG7o=
Last-Modified: Tue, 17 Aug 2021 03:32:21 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f257817fa3399105be006c2818b6254c9941b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/f4e/ Frame 18CB 6 KB
6 KB 220ms
96ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/f4e/f257817fa3399105be006c2818b6254c9941b.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fa8be78e0b24fa34196f3fd6b307596f1e20b6a8965ff5075fa11d6a340b5cde

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: f_6mL4Ps1IbtZ4z_YDkE4gX71C.neG3a
ETag: "f81d0d57af2a09d8f4c357a5dca46d88"
x-amz-request-id: M885R3MY93C35DW4
Connection: keep-alive
Content-Length: 5760
x-amz-id-2: 8oLCnOrisfywndoUEAFHwhNXHhC2ryv5sU5EIMAAsXAtWkRBAlXbpiGO6xFKwR+EsugbRc/UjW4=
Last-Modified: Tue, 17 Aug 2021 07:34:37 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 170eac5d758d50fdfe71e506dc87f629e11c7.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/83a/ Frame 18CB 6 KB
7 KB 953ms
829ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/83a/170eac5d758d50fdfe71e506dc87f629e11c7.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 138a20465b4b10cfcd7b480b8822a68c212dfe79665118ccd877ee06881780b3

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RLa2ZA9uWJcPjPuawi5SACLnYz.7fkeK
ETag: "af09790d0979e3b9ff16d47e6266b65d"
x-amz-request-id: KHZFHC5ZP7XFJX3M
Connection: keep-alive
Content-Length: 6232
x-amz-id-2: DUeEghmlP7QY/w95B/wg1ZcUUWkAVNFgwQR64ebnF3IoY+hwWnFsYg8dQMqwljartNKis+Qji2g=
Last-Modified: Tue, 03 Aug 2021 01:52:16 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK e409fe8569921397f5fba3dd59cd468146220.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/f0a/ Frame 18CB 4 KB
5 KB 263ms
139ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/f0a/e409fe8569921397f5fba3dd59cd468146220.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c1bc73e9c6c3841934cce5d06c9444e0f6b5c8e85d0e71c4d8350995d6844f4e

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RaYyrYXkJnThddYCphJ03sAkd4da0AEs
ETag: "d8dd590d7c70b69c373dbed02beb05eb"
x-amz-request-id: 1C7HT31JVZ37V670
Connection: keep-alive
Content-Length: 4350
x-amz-id-2: CV9pcep0qZGVIhdwkPtMuRsyKTS7DHAkMgyzaYbGTVRogfWhwp2xSqi6HEAPy0GZ41/qXRHALjQ=
Last-Modified: Tue, 03 Aug 2021 04:53:31 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK cd6b356371aa3a06b150e9da85e26e6cb6b59.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/803/ Frame 18CB 6 KB
7 KB 874ms
751ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/803/cd6b356371aa3a06b150e9da85e26e6cb6b59.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f26b03e14d2dabe6081a3de6b971294659c952b301e3f408d10d79ad846c6813

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ux.N4NAFiUbWbJloqM6nf_uuM9bpP2VB
ETag: "3e6198072ef3919de0d20972a2991ba0"
x-amz-request-id: KHZEBZX12TTX1JRJ
Connection: keep-alive
Content-Length: 6649
x-amz-id-2: yIdc5nLGQ5BDu/HN07YPLE3Mu2TeuTpnMcbJXaCS84vVE86xWgQzKjnaQPE8KUFWoiOW11+JhDs=
Last-Modified: Tue, 17 Aug 2021 07:43:35 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 18CB 83 B
611 B 154ms
52ms Image
image/png 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Tue, 17 Aug 2021 11:24:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 18CB 95 KB
33 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:42:28 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 18CB 56 KB
18 KB 178ms
76ms Script
application/javascript 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?202108101245
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4e7f32e3f81402b3c4d8dc1142a184036a1ace5db3a2330ff04c36b15a9ad83

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: MW5jHa5RNEcgUY66ZZZ8f4uAPHLfWUtA
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 05:01:02 GMT
Server: Apache
x-amz-request-id: N4NC99X4WW218PRX
ETag: "16dd95c517bcb3ff3b0c55c699603b51"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 17 Aug 2021 11:24:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17654
x-amz-id-2: POWqXLcMmphq8szHKGTAY+LkmPgQ1He7WzyzLeWMIR/qsNKEHu1/ajtKbdWrvp8g71+K0WWvOXc=

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A1FC 42 B
108 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveVSMq2NM3cuZ0WAa18pfzqenLeZfbdJdP0Tvss7AC8WcrTNIt4H0x7AAp_tcFNY2VjfAtbYplCXBkD0ezLAPMPmT1bgg3maMRodd1RnrSh_69x_5D&sig=Cg0ArKJSzH-4LuCGjVEvEAE&id=lidar2&mcvt=1000&p=621,1064,871,1364&asp=621,1064,871,1364&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210816&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2760480871&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629199482895&rpt=59&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prevnext2-snippet-ie.png
images.dable.io/static/i/ Frame 18CB 288 B
882 B 52ms
52ms Image
image/png 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/prevnext2-snippet-ie.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
x-amz-request-id: EA74266792776BC5
Connection: keep-alive
Content-Length: 288
x-amz-id-2: DiGPMEDD6FG//LRhCqEd2o/REhhv+hl+RTRsoU8hcB9UuU3GvvEfjp/NGKPC0lN0KLH/uAR8LO0=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
ETag: "78144ca1e42485765eff8fd58568ec78"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 18CB 661 B
1 KB 52ms
52ms Image
image/png 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: E32F9A2A96EC1028
Connection: keep-alive
Content-Length: 661
x-amz-id-2: l+79vIqacPzsSSknFdRBzC0kd6Jx+ulvbHB/v/bFHO/0li/XnDjoB+RC6SZy0579sKYtPVziwho=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 18CB 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 30250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 03:00:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 18CB 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 16346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 06:52:18 GMT

GET
H/1.1 200
OK dot.png
images.dable.io/static/i/ Frame 18CB 269 B
863 B 52ms
52ms Image
image/png 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/dot.png?2
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
x-amz-request-id: E45D000B98070D9C
Connection: keep-alive
Content-Length: 269
x-amz-id-2: 3QOPLD3eiUL28j/RCN8x8UWQnJRfYpxN4Br6ih71ZlivQTcoJQE36UkHgifFzSMc1uukxZWomZ8=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
ETag: "c6dbfa476effcbda5d070b19378fed29"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 290f9923daa7a09c2e38edeadc5f271095177.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/cf3/ Frame 18CB 6 KB
7 KB 748ms
747ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/cf3/290f9923daa7a09c2e38edeadc5f271095177.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 146be95168ea464dafeaac75a5645e4848a2105d72d53c14007a6c4bf2987ab9

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wxr96m9hXWQReR2oltUCdyOBebXAiT50
ETag: "b3b59d520ded764a90b6c727f02f8acd"
x-amz-request-id: KHZ5XWYXMQZWAD9K
Connection: keep-alive
Content-Length: 6380
x-amz-id-2: oVmq4nxPyeMgA1DwWGvC+Py0O8DyVy6OCfWqRoG6v7t/7v4CjFeTDNtZAc92hre3uWvfN3SuSHA=
Last-Modified: Wed, 04 Aug 2021 21:43:01 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8cc64a14235a2261f751f1ba20ee2e7267379.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/46b/ Frame 18CB 6 KB
6 KB 98ms
97ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/46b/8cc64a14235a2261f751f1ba20ee2e7267379.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e31e4ba6f0cddcf0ccc7ce9dcb6bb00582140514f196001ba03996a6eec77516

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EdXdzfNIIpqRAmHVPQc39P_x_Kz5AEkV
ETag: "b67719dab83b1df466d8a7fdbab5b23c"
x-amz-request-id: 35GFTRJT1ATAW1NW
Connection: keep-alive
Content-Length: 5750
x-amz-id-2: yeWASpVV3nk+DQCjJUcTxDWrKUTpwOo92PCegNJFicrmsVA5oOx5eZAHeUPC8MVST3EOsinT/gU=
Last-Modified: Tue, 17 Aug 2021 08:41:09 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 7bf0dcef1a90b5ec6296ff8b1a30dca7463af.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/fb4/ Frame 18CB 6 KB
6 KB 798ms
798ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/fb4/7bf0dcef1a90b5ec6296ff8b1a30dca7463af.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 555b312e541165fbf369dcea69df26213fc8f2e1998b5428bdb4ee001c8bd664

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NX0v5YNpDUKtGQwfvmcq3eZ8YOdgspPh
ETag: "e5412d762cb6b8d9c03e4f8ce5d4e5ff"
x-amz-request-id: KHZB2H5AQ8R7FGCY
Connection: keep-alive
Content-Length: 6005
x-amz-id-2: +XiCQVIGKflgQGGCuN1uxnDGThYFwoZ/b3/Nfcs5IEjkuWeQntzBn9ojzwcYrcGlpOQVxVzPCow=
Last-Modified: Wed, 04 Aug 2021 21:21:26 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK d71983bcb3f1773d1a4ffb13caa97820c7d6d.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/c13/ Frame 18CB 4 KB
5 KB 88ms
88ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/c13/d71983bcb3f1773d1a4ffb13caa97820c7d6d.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 40b1fb8e87ea47025129b921e045084539aa982e36dbae7f2377e562ddb7ff52

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LxBVZBwzRBZJdh53Pqin.3sUfRHoKX1B
ETag: "ac3a60607458e4cf792889f376393e5e"
x-amz-request-id: PJN98H0WW1D3KJB5
Connection: keep-alive
Content-Length: 4385
x-amz-id-2: brCC8WKpUWu6VHoXkc/IUzj+XxMaLm7TseZ0CROaSgaiNkmCIWpSJWg/7g5w2v+h4H6uTKlO+pM=
Last-Modified: Mon, 16 Aug 2021 16:42:41 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 324fb81784a5bf643f01e3ba4bea7104b14db.jpeg
images.dable.io/thumbnail/news.ntd.com/200X125/1f3/ Frame 18CB 6 KB
7 KB 90ms
90ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/news.ntd.com/200X125/1f3/324fb81784a5bf643f01e3ba4bea7104b14db.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f0a1c7ace56ca4e193da01cc74e777d579180057e43dfcb6844ca10d02eca8c

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PiYCyLo0z4pJ55bmCaQVHUYHaxKwi69G
ETag: "096936d39cd4e0d8229a4bdf52852a03"
x-amz-request-id: 9MJP7FMC2HMBF8MC
Connection: keep-alive
Content-Length: 6615
x-amz-id-2: RvP+5Ky0Nzomj/LZOQqi/yjGpjsIVTFMMhU8/EB4CfvPrEOGwRbreLKoxhiTjiAxoZSRigIMXZw=
Last-Modified: Tue, 03 Aug 2021 20:54:54 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 64bd11305a2de9eec53954e7a15bfac4c225d.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/bcf/ Frame 18CB 5 KB
5 KB 55ms
54ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/bcf/64bd11305a2de9eec53954e7a15bfac4c225d.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2d110619ac97d418b9bbac4cdf378e371c67cc53752386e9de7df6a07c5a55ca

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S4AVwoGYoa1jxUlWso7wwWKZ4XqEVc.T
ETag: "70079a73dbf4bb095229c3e47e1bd9ea"
x-amz-request-id: ZEK1MX9YCR5VE490
Connection: keep-alive
Content-Length: 4961
x-amz-id-2: QBW/ouUdAYl/Ob3wDOhDFXngNWEF7H9iTQHqx/nw++X3C9nnd+3UVGMGGq4oEnetdgR1O+uWD1Q=
Last-Modified: Mon, 26 Jul 2021 14:12:42 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK e05e2eeae1be75c129106d21e8c158e14981f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/32a/ Frame 18CB 5 KB
6 KB 58ms
58ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/32a/e05e2eeae1be75c129106d21e8c158e14981f.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 03199fef5801b7800b74fc18921f459956231076c3f8976ea2ab6a865f0fadce

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .CjjwyXJffnox8g1WpKUmjq4S8ESHgOL
ETag: "08ffaf3e0945e834915d7110ff00b0aa"
x-amz-request-id: 1RVD4MB0MB2Q3PHM
Connection: keep-alive
Content-Length: 5522
x-amz-id-2: U7UozXX87WeHPYA5TpMMUswlyHgQenYPP48Yc2MhYuQ0OtoVdQyNQWQJbUo8WNVeiAdx73Bul1Y=
Last-Modified: Mon, 09 Aug 2021 18:42:27 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 1b4f9761daa5fd93108a5f6b8f89646f87c20.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/1c8/ Frame 18CB 3 KB
3 KB 93ms
92ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/1c8/1b4f9761daa5fd93108a5f6b8f89646f87c20.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c2604fb780ba54d9de4d5da7b6e6a976d8288e2d97f45b81144748a461ccc25f

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: l52FCKJ7qjU1t7HYoADvzyW1I4JRvls1
ETag: "94fd65cc569b730d1f83d77b5bf7b3d3"
x-amz-request-id: ZD3FGTKFM2RJHT4C
Connection: keep-alive
Content-Length: 2926
x-amz-id-2: R4Jyyckvvsr5Cgf/vC7874R7qiVsBQ4BHrr+kcggqnm+p+fjUBfjNtxS7ThvJPVdmxuOPNU27AU=
Last-Modified: Sat, 31 Jul 2021 11:10:28 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 6bb961ff0888dd4bfef4e95a194e215fd64d5.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/72f/ Frame 18CB 4 KB
5 KB 86ms
85ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/72f/6bb961ff0888dd4bfef4e95a194e215fd64d5.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a939b066e48dd9dbb8bffffc7da1c2339d356657aafa86e237ec541047fb9e4b

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: f.Za8ER.T_IN.gREnBQAvZdk5a_At2o8
ETag: "fd30ae5e939788ca212f1c5ed798ff28"
x-amz-request-id: XB6AASANH1A1C2T3
Connection: keep-alive
Content-Length: 4255
x-amz-id-2: N5qBATXu4mQLR3vXGhnil5wYFoTK2Sk8x3rdUyYRlIFbEf3yftnxMOTRmFW3vJv0olKi2M5Ljss=
Last-Modified: Sat, 14 Aug 2021 20:39:35 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 8bc590c764fbec9d8931c5338a42d44b45709.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/456/ Frame 18CB 3 KB
4 KB 95ms
94ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/456/8bc590c764fbec9d8931c5338a42d44b45709.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3aa980cfe54cd9d9fc5328b2f1a23eaae9def153a3bef793ddd2d9af5310dc55

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _PnRdh1WxUwVJIGByKknH8OV2pY.7Gkv
ETag: "682acd72fe37dd267772e01acfb5a7a8"
x-amz-request-id: X2JJ710D3JY6PCFC
Connection: keep-alive
Content-Length: 3425
x-amz-id-2: TNLIf9fcQC49u0p9NLHKwjUGVWBfHIenNSPaUajafehgkYTsW1oNEYQfEzmsfWdFtMsA267mHys=
Last-Modified: Tue, 17 Aug 2021 04:01:11 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK ac3e57dc528922d9a4b8cffbafabd8c1190e9.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/4d1/ Frame 18CB 7 KB
7 KB 789ms
789ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/4d1/ac3e57dc528922d9a4b8cffbafabd8c1190e9.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 84e7662d92c3358e4d1b1c4185de74d4673104c12ab79e32400416eecfa1ac0b

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gXhZ7RRB55SoRryPoTvOD1BnasHZzhAb
ETag: "50bdf46298bb3e395aca93d2603ada4c"
x-amz-request-id: M5VEE35G6G6EABJV
Connection: keep-alive
Content-Length: 6735
x-amz-id-2: R3tyrFjgU2kqqJbNBwElomuOwmBEcMFR+0ZOXwSvZvwNzTmE7JA1yj7PPDLcVe94YtKZZFw/1Lk=
Last-Modified: Mon, 16 Aug 2021 21:21:48 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 69b289de5d72f5735df393e3545c5ac3ec849.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/632/ Frame 18CB 6 KB
7 KB 88ms
87ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/632/69b289de5d72f5735df393e3545c5ac3ec849.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 098586ce2788ee4aede3f5e479e4814b3dafcc85d14b67dcff266ae7d04d17c2

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tvRAg89YskKQNXCh5pz5RKDz.Qy0fIN.
ETag: "dede61b26c6d42a6870483b54c576024"
x-amz-request-id: ZD38X2TJZPSXFBXY
Connection: keep-alive
Content-Length: 6481
x-amz-id-2: YfJvjMQnOOHStqPx7r6Cxat1DbidZQ7vj4fsBewZ50Bpkay90bUmK1hjXidm40BofIh9OykSV+I=
Last-Modified: Mon, 16 Aug 2021 20:40:13 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 7916ea786d516f90aadf046b3147b976a4257.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/380/ Frame 18CB 3 KB
3 KB 93ms
91ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/380/7916ea786d516f90aadf046b3147b976a4257.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fd9963901e8b2d2bedbd2fd928cef4dc7c8b553f1e7c438c6b0c30e33ec5ce88

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SfHSIfXk0os0hLCN5aIR0fiJx0ZXiLrw
ETag: "907d2b66c59ba39635253aaa694b4c6e"
x-amz-request-id: PR3A9P1942XNG4A8
Connection: keep-alive
Content-Length: 2937
x-amz-id-2: zl3FD98uupgHQWGsgWvRSdVn7Dpx46/2760q8FnCWePyVur2PdRxLZ38xoEwfs8Hen5n2Sqknuo=
Last-Modified: Tue, 17 Aug 2021 04:38:15 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 5c228751b38e4218eb6252fe4eb59b6394e40.jpeg
images.dable.io/thumbnail/news.ntd.com/200X125/8dd/ Frame 18CB 4 KB
4 KB 743ms
743ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/news.ntd.com/200X125/8dd/5c228751b38e4218eb6252fe4eb59b6394e40.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e67455ca5eb27f3cbf5273c8e244b03b1d8ad005eaf9e106e0e264ab0bcad858

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KzfuF2jKEf7bjxi6S5.JgNTZBoU81kXZ
ETag: "852ccb0a14de0217f5167441019ff26f"
x-amz-request-id: M5VAHNGD6K7ZJRVA
Connection: keep-alive
Content-Length: 3946
x-amz-id-2: NSZq55AmzdDBiRwq68CjG15/N5GnmkI2yzfOsiUibyUas7HwOIh0g7Q2RU8//ZVqX/HI3KUiClc=
Last-Modified: Tue, 17 Aug 2021 10:50:10 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 84e4627091eb431a57c7a45bf4cec5c7a6628.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/0dc/ Frame 18CB 7 KB
7 KB 81ms
81ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/0dc/84e4627091eb431a57c7a45bf4cec5c7a6628.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c3825759524e1546e8c9514b0dd34f5894736a6fdd492f70a1b36c30709e7525

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 01y.Bbsk2EcqxrTSwMM77PMlAvbUP2JU
ETag: "b8c0fe8024e0678912b9c17e04b9a1d0"
x-amz-request-id: CPNX0Y68CQS4F95D
Connection: keep-alive
Content-Length: 6774
x-amz-id-2: U2Ag+wcdY7Uq2YFLUBbsanUZpvCjlYO1V9ujJjjzkzNVKkXTnr97wN0Weoi7EmqdDqwwNG/EEyM=
Last-Modified: Sat, 14 Aug 2021 11:58:11 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 10598a65844daa66c6c1036e99e495275e1ab.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/808/ Frame 18CB 7 KB
8 KB 90ms
90ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/808/10598a65844daa66c6c1036e99e495275e1ab.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e6a3e2505b7f3c486259bdbfe5196d7848b6f0ab58cf8e60fac7896c688d31e

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P4oRanUr5S_pLlu_2GItIiDVsCGX5WdF
ETag: "5f39e221ee39bda1ad2c94b1e1fa7497"
x-amz-request-id: 10GNS12KZW8R80FK
Connection: keep-alive
Content-Length: 7159
x-amz-id-2: 7dZQluWhPCDZyNQmQHS/uoTytnaGtIN4SI4flcK0m35EWYWv0b2HEVcXrOTrig1uUYWb+QLtEnA=
Last-Modified: Mon, 16 Aug 2021 06:22:00 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK db76cbbe92b9beb3e747518fad53a6b245b93.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/686/ Frame 18CB 5 KB
5 KB 55ms
54ms Image
binary/octet-stream 184.24.21.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/thumbnail/img.ntd.com/200X125/686/db76cbbe92b9beb3e747518fad53a6b245b93.jpeg
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.21.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-156.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3771a301c266c7cd233c66b7fe9236c804307a0dc4247bc72b209ec731dd1149

Request headers

Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gunV_UkA0jEvCk0vupltmjqwlYp8jcF0
ETag: "71ef98daa624c77a60db779d9be85647"
x-amz-request-id: S5XW9V03KTWP8HEP
Connection: keep-alive
Content-Length: 4615
x-amz-id-2: 6poJdgzJg4U3lkots0YcxE72f3HRZ9aWswmMrJPe5LY3h7TqWcPNh5qgYx6S1fwb1ZOUZM3Qrny3QOsa/LTxmQ==
Last-Modified: Fri, 13 Aug 2021 19:50:50 GMT
Server: Apache
Date: Tue, 17 Aug 2021 11:24:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame A864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

73ms
72ms

Document
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

content-type: image/png
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 312
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 11:39:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 81CD 38 KB
14 KB 58ms
58ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=152232
expires: Thu, 19 Aug 2021 05:41:56 GMT
date: Tue, 17 Aug 2021 11:24:44 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 32BA 281 B
554 B 147ms
50ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 17 Aug 2021 11:24:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame B9DF 0
0 56ms
54ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 680289a7ec7c16a5-ARN

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 39BF 52 KB
17 KB 195ms
79ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 18 Aug 2021 11:24:46 GMT
Date: Tue, 17 Aug 2021 11:24:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 37D9 38 KB
14 KB 67ms
67ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=152232
expires: Thu, 19 Aug 2021 05:41:56 GMT
date: Tue, 17 Aug 2021 11:24:44 GMT
vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2C6A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=9d68611b-9c7b-4b00-a0af-cc216c610d4d&gdpr=1&gdpr_consent=

35 B
237 B

69ms
68ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=9d68611b-9c7b-4b00-a0af-cc216c610d4d&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=9d68611b-9c7b-4b00-a0af-cc216c610d4d&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master zrh-pixel-x25
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=9d68611b-9c7b-4b00-a0af-cc216c610d4d; domain=.mathtag.com; path=/; expires=Wed, 14-Sep-2022 11:24:43 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=9d68611b-9c7b-4b00-a0af-cc216c610d4d&gdpr=1&gdpr_consent=
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame E596
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

66ms
66ms

Document
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

content-type: image/png
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 312
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 11:39:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 7404
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=8b23611b-9c7c-4d00-8a82-0ba1bad6274d&gdpr=1&gdpr_consent=

35 B
237 B

68ms
67ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=8b23611b-9c7c-4d00-8a82-0ba1bad6274d&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=8b23611b-9c7c-4d00-8a82-0ba1bad6274d&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master zrh-pixel-x3
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=8b23611b-9c7c-4d00-8a82-0ba1bad6274d; domain=.mathtag.com; path=/; expires=Wed, 14-Sep-2022 11:24:44 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=8b23611b-9c7c-4d00-8a82-0ba1bad6274d&gdpr=1&gdpr_consent=
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame FD34
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=5952611b-9c7c-4e00-9080-52952248f9a9&gdpr=1&gdpr_consent=

35 B
237 B

68ms
68ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=5952611b-9c7c-4e00-9080-52952248f9a9&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=5952611b-9c7c-4e00-9080-52952248f9a9&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master zrh-pixel-x25
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=5952611b-9c7c-4e00-9080-52952248f9a9; domain=.mathtag.com; path=/; expires=Wed, 14-Sep-2022 11:24:44 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=5952611b-9c7c-4e00-9080-52952248f9a9&gdpr=1&gdpr_consent=
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 1A55
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
725 B

56ms
56ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 7adb924789a448b43bcbedbcf580a82942d5414e832e8eb7a9c15fe9592a1ed9

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=56d61d8a-d23f-4e87-9136-37df7c94c5cc|1629199484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=56d61d8a-d23f-4e87-9136-37df7c94c5cc|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629199484|gekin0vNiygu; Version=1; Expires=Wed, 01-Sep-2021 11:24:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: text/html
content-length: 421
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=56d61d8a-d23f-4e87-9136-37df7c94c5cc|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Tue, 17 Aug 2021 11:24:44 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 1C59
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
754 B

54ms
54ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 225182a1677f3efdf62a4c47eaa29a37cb309b32fafd8b0f772464dd7633663e

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=a175d318-9971-4bcf-9f3b-8454541f6276|1629199484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=a175d318-9971-4bcf-9f3b-8454541f6276|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629199484|gekin0vNiygu; Version=1; Expires=Wed, 01-Sep-2021 11:24:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=a175d318-9971-4bcf-9f3b-8454541f6276|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Tue, 17 Aug 2021 11:24:44 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame 8BB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

64ms
64ms

Document
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

content-type: image/png
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 312
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 11:39:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

pixel Show response
cm.g.doubleclick.net/ Frame 2BA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

170 B
188 B

71ms
71ms

Document
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

content-type: image/png
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=&google_tc=
date: Tue, 17 Aug 2021 11:24:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 312
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 11:39:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 2BBC 70 B
264 B 606ms
64ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame EC93 70 B
264 B 643ms
102ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 748C 2 KB
1 KB 1519ms
64ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 2716 70 B
264 B 603ms
65ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7C36 2 KB
1 KB 1575ms
56ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 4A94
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
723 B

53ms
53ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: baced0a3942e83f9cddece1bfc471088d7e2f33e9917bdd76ad6f24bdc9d79eb

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=8d4adfc8-603f-4ab8-9c0b-4418e469eaa3|1629199484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=8d4adfc8-603f-4ab8-9c0b-4418e469eaa3|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629199484|gekin0vNiygu; Version=1; Expires=Wed, 01-Sep-2021 11:24:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=12839e98-c794-4ce9-baf7-22db14290df0|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Tue, 17 Aug 2021 11:24:44 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame E1A2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=

35 B
237 B

68ms
68ms

Document
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master zrh-pixel-x3
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45; domain=.mathtag.com; path=/; expires=Wed, 14-Sep-2022 11:24:44 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B3FD 38 KB
14 KB 74ms
74ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=152232
expires: Thu, 19 Aug 2021 05:41:56 GMT
date: Tue, 17 Aug 2021 11:24:44 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BC43 52 KB
17 KB 239ms
62ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 18 Aug 2021 11:24:46 GMT
Date: Tue, 17 Aug 2021 11:24:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame D352
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
719 B

59ms
59ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: baced0a3942e83f9cddece1bfc471088d7e2f33e9917bdd76ad6f24bdc9d79eb

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=8d4adfc8-603f-4ab8-9c0b-4418e469eaa3|1629199484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=8d4adfc8-603f-4ab8-9c0b-4418e469eaa3|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1629199484|gekin0vNiygu; Version=1; Expires=Wed, 01-Sep-2021 11:24:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=8d4adfc8-603f-4ab8-9c0b-4418e469eaa3|1629199484; Version=1; Expires=Wed, 17-Aug-2022 11:24:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.213.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Tue, 17 Aug 2021 11:24:44 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 06AB 0
0 38ms
38ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 680289a7fcc616a5-ARN

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame A8E0 0
0 62ms
62ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 680289a80ce616a5-ARN

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 9FBD 70 B
264 B 630ms
102ms Document
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2BA4 2 KB
1 KB 1623ms
57ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5123 2 KB
1 KB 1679ms
56ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B0FF 52 KB
17 KB 298ms
63ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 18 Aug 2021 11:24:46 GMT
Date: Tue, 17 Aug 2021 11:24:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7553 52 KB
17 KB 360ms
62ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.ntd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 18 Aug 2021 11:24:46 GMT
Date: Tue, 17 Aug 2021 11:24:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2186 38 KB
14 KB 74ms
74ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=152232
expires: Thu, 19 Aug 2021 05:41:56 GMT
date: Tue, 17 Aug 2021 11:24:44 GMT
vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame 7D0B 0
0 32ms
32ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

date: Tue, 17 Aug 2021 11:24:44 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 680289a80cf516a5-ARN

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
https://rtb.gumgum.com/usersync?b=apn&i=2573713551719923911

35 B
237 B

68ms
68ms

Image
image/gif

54.77.19.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=2573713551719923911
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:45 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8801788f-3245-4d69-834c-1f79cb0f767a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=2573713551719923911
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

id5
audex.userreport.com/sync/put/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F487%2F8%2F2.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1
https://id5-sync.com/c/441/487/8/2.gif?puid=bb863a41-71b6-42ba-9315-6d2d0a62ec58&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fp...
https://id5-sync.com/cq/441/124/7/3.gif?puid=03950ca4-1c33-4e27-9466-f67cb85804a3&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=4a2e79d7-6970-4817-8d8c-f9c01e4c7483&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEOlZCaiN_o2AJM0kHm48WLw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2573713551719923911&opid=apx&ops=&utidl=tech:goo:CAESEOlZCaiN_o2AJM0kHm48WLw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19936197936&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/4/6.gif?puid=2d7a016c3799a6897ec93f85b955fb53&gdpr=1&gdpr_consent=
https://audex.userreport.com/sync/put/id5?idfiveid=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F477%2F3%2F7.gif%3Fpuid%3D%25s%26gdpr%3D1%26gdpr_consen...

0
0

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 1497ms
50ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 81CD 0
39 B 57ms
56ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27124990&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:43 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 32BA 31 KB
10 KB 50ms
50ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1ebea22111afea2da34495d1e226f8bd4c2c98846177d1ee119f4f0b396bd33

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67642
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Wed, 18 Aug 2021 06:12:06 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 39BF
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

49ms
49ms

Script
text/html

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:44 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 23984b3e-b102-4b5e-a5eb-9485e56acac6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:44 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 12ee2b23-0d7c-4d8e-acf8-1de6aa3cf2e5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 32BA 284 B
536 B 215ms
55ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BC43 0
731 B 49ms
49ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:44 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 128e522b-493f-4ccf-a00b-0359507886ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B0FF 0
731 B 65ms
65ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:44 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6c19815c-8bd5-4cf3-ac21-5d49f965bfd5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7553 0
731 B 83ms
82ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:44 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b1ebc69e-7045-4936-8cb0-fb3cc3cfd60d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1C59
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

43 B
106 B

98ms
95ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Server: MT3 3831 a91c15f master zrh-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1C59
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=DwWP_gBXif8UUdz6X1GTrw1V3PkUVt-pWlIop8aH

43 B
106 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=DwWP_gBXif8UUdz6X1GTrw1V3PkUVt-pWlIop8aH
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:45 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=DwWP_gBXif8UUdz6X1GTrw1V3PkUVt-pWlIop8aH
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1C59
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2841531562354892226

43 B
106 B

74ms
74ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2841531562354892226
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2841531562354892226
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1C59 70 B
264 B 233ms
103ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=72d9ec41-30f6-7438-c5ed-4cbc3038518b&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 1C59 170 B
188 B 67ms
65ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWViNjNmOGItZjk4MS0yYTljLWQwMGQtMTYwNWZhZGE5ZmVi

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1C59
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMEoitUjAZNAu0JrCJ3CWE&google_cver=1

43 B
106 B

63ms
60ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMEoitUjAZNAu0JrCJ3CWE&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDMEoitUjAZNAu0JrCJ3CWE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1A55
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

43 B
180 B

56ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Server: MT3 3831 a91c15f master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1A55
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0uvgBt255gfJv7JU1u38UNXq5VfJ7uhT3OlboTUC

43 B
106 B

54ms
54ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0uvgBt255gfJv7JU1u38UNXq5VfJ7uhT3OlboTUC
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:45 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0uvgBt255gfJv7JU1u38UNXq5VfJ7uhT3OlboTUC
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1A55
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8652100472720559518

43 B
106 B

66ms
65ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8652100472720559518
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8652100472720559518
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1A55 70 B
264 B 231ms
102ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=857a22d3-7bb8-7170-cbe0-ff3718b3f631&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 1A55 170 B
188 B 67ms
65ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTkxNWYxMTktYjJjZi0yZmQ0LWRlMDAtYTU4ZWQyNTEzODUx

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1A55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtz5XygAevVibhgnxCUH10&google_cver=1

43 B
106 B

54ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtz5XygAevVibhgnxCUH10&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAtz5XygAevVibhgnxCUH10&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4A94
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

43 B
106 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Server: MT3 3831 a91c15f master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4A94
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zHgyKsMqNCvXLGB4wy8ufs4sOivXLDQtz3-3A1v3

43 B
106 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zHgyKsMqNCvXLGB4wy8ufs4sOivXLDQtz3-3A1v3
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:45 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zHgyKsMqNCvXLGB4wy8ufs4sOivXLDQtz3-3A1v3
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4A94
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=690381805057342619

43 B
106 B

52ms
52ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=690381805057342619
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=690381805057342619
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4A94 70 B
265 B 192ms
64ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=5ee6e091-c9b8-754f-c6dd-8cf0804ed95e&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 4A94 170 B
188 B 67ms
66ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzI4OTMzNWItMDBjZi0yYmViLWQzM2QtZDY0OTRhYWMxNzNl

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4A94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVkeWX0TgYIfaUD7kG3K0k&google_cver=1

43 B
106 B

55ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVkeWX0TgYIfaUD7kG3K0k&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELVkeWX0TgYIfaUD7kG3K0k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame D352
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45

43 B
106 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.213.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.213.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:44 GMT
Server: MT3 3831 a91c15f master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:43 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D352
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rNn8mqOL-pu3ja7LqongwfjcrMq32v7OqY7wQwYG

43 B
106 B

52ms
52ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rNn8mqOL-pu3ja7LqongwfjcrMq32v7OqY7wQwYG
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:45 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rNn8mqOL-pu3ja7LqongwfjcrMq32v7OqY7wQwYG
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame D352
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7898167966703348299

43 B
106 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7898167966703348299
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7898167966703348299
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame D352 70 B
264 B 189ms
65ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=5ee6e091-c9b8-754f-c6dd-8cf0804ed95e&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame D352 170 B
188 B 65ms
64ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzI4OTMzNWItMDBjZi0yYmViLWQzM2QtZDY0OTRhYWMxNzNl

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D352
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpfuiZAI0tzB-Znqw4g7H8&google_cver=1

43 B
106 B

53ms
53ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpfuiZAI0tzB-Znqw4g7H8&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpfuiZAI0tzB-Znqw4g7H8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 39BF 0
731 B 49ms
48ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cb934a7b-d07c-4bfd-8197-1338cf6a2659
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BC43 0
731 B 76ms
75ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1c3abe16-3db8-4bdb-b7cf-ae1ff8c0fdaf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B0FF 0
731 B 50ms
50ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 23bc41bf-b042-43a6-b29f-f6b0e98317b5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7553 0
731 B 49ms
49ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
X-Proxy-Origin: 31.13.191.142; 31.13.191.142; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 617d166a-82f5-44bb-8960-9154bd8279ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 3769
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

126ms
95ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 24ee07dc2d6d135c2e3161335ef953d0ebe11fedb14bb75945cc0668db1c46ec

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YRucfX-DxPbtBk9gYVqWKgAA; CMPS=235
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|241|45|5|41|51|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1637
Expires: Tue, 17 Aug 2021 11:24:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfX-DxPbtBk9gYVqWKgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT CMPRO=319;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT CMRUM3=28611b9c7d05a00&2d611b9c7d05a0&f1611b9c7d05a0&05611b9c7d05a0&e6611b9c7d2760&27611b9c7d0b40&33611b9c7d05a0&29611b9c7d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMST=YRucfWEbnH0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 18 Aug 2021 11:24:45 GMT

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 17 Aug 2021 11:24:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfX-DxPbtBk9gYVqWKgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame D497
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

133ms
98ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7a4af26b63db62b331d9ced148bb44cb2fc3356fac9d4905a7604e031fbc961a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=235; CMID=YRucfToH03biAboZXQ.vnQAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|241|45|57|5|51|90
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1644
Expires: Tue, 17 Aug 2021 11:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfToH03biAboZXQ.vnQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT CMPRO=214;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT CMST=YRucfWEbnH0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 18 Aug 2021 11:24:45 GMT CMRUM3=33611b9c7d05a0&27611b9c7d0b40&5a611b9c7d05a0&2d611b9c7d05a0&39611b9c7d05a0&05611b9c7d05a0&f1611b9c7d05a0&e6611b9c7d2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 17 Aug 2021 11:24:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfToH03biAboZXQ.vnQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT

GET
H/1.1 200
OK impression Show response
api.dable.io/logs/services/ntd.com/users/83064965.1629199482533/ Frame 18CB 2 B
157 B 290ms
290ms XHR
text/plain 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/logs/services/ntd.com/users/83064965.1629199482533/impression?source=618591&pick=&rm=30.1.7%2F30.50.3&cm=0.0.0&channel=side_bar_widget.default&reco_type=personalized-related-news&cid=83064965.1629199482533&widget_id=Ql9OO5o4&request_id=ywoxRZ2Grhyj3EZw&reco_list_lz=NobwRAlgJmBcYDYCsBmAnEgTGANGAtgKYAuAFgPYzwoAMAdAIx0DsYAvjuNHIggyswAcuAiQpUwtOknop2nSBIR8ENBiKJlKPKTLpyOXJakyqNY7dXpNWhxT2QokaVnk3id1lvKMO%2BNGXMtCV1ZH3t4ZAAWKKQEII8rRm87bki%2BBkEkBMtJej0DBTTEJFjnHJCvWyKlfyjsNwtK6TDU4xRBKPjG4M8W-XDihCjBNBcKvoLB42YaNG7RXqSptocsTEEGxcS8-sLfdIC0Lfdc0IHV9IYGTCiJ5daav2uo9R6d8-2I3mukN%2B2zvlHgcfihbvddisnlcUFE5O9AXtpn4AghXADmlCQcoGHNsgjMcDvso1AhhATJq0ALpAA&uri=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://api.dable.io/widgets/id/Ql9OO5o4/users/83064965.1629199482533?from=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&ref=&cid=83064965.1629199482533&uid=83064965.1629199482533&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=CCP%20Virus&ad_params=%7B%7D&item_id=618591&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 2E67
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

108ms
108ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c0b02e9d70aa2e4ef933e09fba8db2a5b26cef44cc9f8df4abb9c5c5ad8c5e97

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=235; CMID=YRucfTfkhDO8ir8fzggS.gAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|241|45|3|13|221|156
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1959
Expires: Tue, 17 Aug 2021 11:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfTfkhDO8ir8fzggS.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:46 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:46 GMT CMPRO=309;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:46 GMT CMRUM3=dd611b9c7e2760&27611b9c7e0b40&9c611b9c7e05a00&f1611b9c7e05a0&2d611b9c7e05a0&0d611b9c7e05a0&e6611b9c7e2760&03611b9c7e05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:46 GMT CMST=YRucfmEbnH4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 18 Aug 2021 11:24:46 GMT

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 17 Aug 2021 11:24:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfTfkhDO8ir8fzggS.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 13DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

77ms
77ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a6fa2894cab74ebaf6dd654cc93b8d74d1ef487e9642d92013f32948d7052c7a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=235; CMID=YRucfTfkhDO8ir8fzggS-AAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|221|218|3|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1837
Expires: Tue, 17 Aug 2021 11:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfTfkhDO8ir8fzggS-AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT CMPRO=286;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT CMST=YRucfWEbnH0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 18 Aug 2021 11:24:45 GMT CMRUM3=27611b9c7d0b40&dd611b9c7d2760&da611b9c7d2760&82611b9c7da8c0&2d611b9c7d05a0&f1611b9c7d05a0&03611b9c7d05a0&e6611b9c7d2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT

Redirect headers

Server: Apache
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 17 Aug 2021 11:24:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:45 GMT
Connection: keep-alive
Set-Cookie: CMID=YRucfTfkhDO8ir8fzggS-AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Aug 2022 11:24:45 GMT CMPS=235;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 15 Nov 2021 11:24:45 GMT

GET
H/1.1 200
OK view Show response
api.dable.io/logs/services/ntd.com/users/83064965.1629199482533/ 54 B
285 B 317ms
317ms Script
text/javascript 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 3769
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

43 B
315 B

68ms
67ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3769 70 B
264 B 66ms
64ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YRucfX-DxPbtBk9gYVqWKgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3769
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB&dcc=t

43 B
645 B

400ms
132ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X73QZJM029RJG2ERZFVP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N21FG2FSX4T7VG688PV3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfX_DxPbtBk9gYVqWKgAAAT8AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3769
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfX-DxPbtBk9gYVqWKgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1

43 B
998 B

371ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 3769 0
0 32ms
14ms Image
text/html 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 3769 43 B
408 B 215ms
63ms Image
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-5
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 3769 43 B
145 B 52ms
51ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3769 43 B
425 B 57ms
57ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRucfX-DxPbtBk9gYVqWKgAA%26319
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2954
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 12:14:00 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 359B
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

130ms
130ms

Document
text/html

18.233.75.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-75-25.compute-1.amazonaws.com
Software: /
Resource Hash: 47b86485ed682a860a05f6089ee12578c5a5e569e38232a374c98fed65be7c7d

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=07472916-ca34-4d47-9ea3-c23e6829bbea
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Tue, 17 Aug 2021 11:24:46 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Tue, 17 Aug 2021 11:24:46 GMT
pragma: no-cache

Redirect headers

date: Tue, 17 Aug 2021 11:24:46 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=07472916-ca34-4d47-9ea3-c23e6829bbea; Path=/; Domain=eqads.com; Expires=Wed, 17 Nov 2021 11:24:46 GMT; Secure; SameSite=None

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 13DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfToH03biAboZXQ.vnQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2

43 B
997 B

380ms
74ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 13DA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB&dcc=t

43 B
645 B

388ms
133ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6G3717ZJWT655W7XEAV5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 05YXKBM1GRBDR1RM91X2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 13DA 70 B
264 B 66ms
63ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YRucfTfkhDO8ir8fzggS-AAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 13DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfTfkhDO8ir8fzggS_AAAAR4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

43 B
315 B

68ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=YRucfTfkhDO8ir8fzggS-AAA%26286
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 13DA
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1

49 B
265 B

102ms
102ms

Image
image/gif

52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.215
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.4.218
content-length: 0
expires: 0

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YRucfTfkhDO8ir8fzggS-AAA%26286
dpm.demdex.net/ Frame 13DA 0
0 522ms
69ms Image
application/json 34.240.124.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YRucfTfkhDO8ir8fzggS-AAA%26286?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.124.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-124-39.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 13DA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=

43 B
1007 B

486ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: MT3 3831 a91c15f master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:45 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 13DA
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAoSE7CNzkAAB5EgjEZzA&expiration=1630409089&gdpr=1

43 B
1 KB

85ms
85ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAoSE7CNzkAAB5EgjEZzA&expiration=1630409089&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:49 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAoSE7CNzkAAB5EgjEZzA&expiration=1630409089&gdpr=1
Date: Tue, 17 Aug 2021 11:24:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 13DA 43 B
425 B 78ms
56ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRucfTfkhDO8ir8fzggS-AAA%26286
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2954
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 12:14:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame D497
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfToH03biAboZXQ-vnQAAANYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

43 B
315 B

66ms
66ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D497 70 B
264 B 68ms
64ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YRucfToH03biAboZXQ.vnQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D497
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfToH03biAboZXQ-vnQAAANYAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfToH03biAboZXQ-vnQAAANYAAAIB&dcc=t

43 B
645 B

252ms
132ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfToH03biAboZXQ-vnQAAANYAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YMZGNXQ9EEC3HD2FHSXH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: J9HS6ZTZ2XQW880DQEDQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfToH03biAboZXQ-vnQAAANYAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D497
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfToH03biAboZXQ.vnQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2

43 B
997 B

379ms
71ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D497
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972425837036

43 B
1 KB

80ms
79ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972425837036
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:47 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972425837036
Date: Tue, 17 Aug 2021 11:24:47 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29 200 ix
ad4m.at/ad/sim/ Frame D497 0
0 25ms
13ms Image
text/html 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sync
x.bidswitch.net/ Frame D497 43 B
145 B 52ms
50ms Image
image/gif 52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame D497
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

45ms
45ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 17 Aug 2021 11:24:47 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Tue, 17 Aug 2021 11:24:47 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 16 Aug 2021 11:24:47 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame D497 43 B
425 B 130ms
56ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRucfToH03biAboZXQ.vnQAA%26214
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2954
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 12:14:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 2E67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1

43 B
315 B

68ms
67ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMzArf7wBF3T3wku8c5JHVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2E67 70 B
264 B 67ms
64ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YRucfTfkhDO8ir8fzggS.gAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 2E67
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB&dcc=t

43 B
645 B

145ms
133ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 323J66XNS2E3Z0M3J3B4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B7HV6B37CNRZCA0N66NQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRucfTfkhDO8ir8fzggS-gAAATUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2E67
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRucfTfkhDO8ir8fzggS.gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2

43 B
998 B

375ms
73ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPTenXfU2RAPDNZ8EO07A1M&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2E67
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=

43 B
1007 B

544ms
73ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:46 GMT

Redirect headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Server: MT3 3831 a91c15f master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0d1611b-9c7c-4200-ba2c-fb864d5d6b45&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 17 Aug 2021 11:24:45 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2E67
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=069922040047f8465263e5b2&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

77ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=069922040047f8465263e5b2&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:47 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=069922040047f8465263e5b2&expiration=[EXPIRATION]&gdpr=1
Date: Tue, 17 Aug 2021 11:24:47 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2

200

tpid=YRucfTfkhDO8ir8fzggS.gAA%26309
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 2E67
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS.gAA%26309?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS.gAA%26309?gdpr_consent=&us_privacy=&gdpr=1

49 B
737 B

75ms
75ms

Image
image/gif

52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS.gAA%26309?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.219
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:46 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRucfTfkhDO8ir8fzggS.gAA%26309?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.22.4
content-length: 0
expires: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2E67 35 B
380 B 1564ms
133ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:40 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2E67 43 B
425 B 174ms
56ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRucfTfkhDO8ir8fzggS.gAA%26309
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:46 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2954
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 12:14:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 359B 43 B
1 KB 243ms
72ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=07472916-ca34-4d47-9ea3-c23e6829bbea&expiration=1637148286
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Aug 2021 11:24:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Aug 2021 11:24:47 GMT

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/ntd.com/id/618591/ 103 B
376 B 315ms
315ms Script
text/javascript 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/618591/checksum?callback=dbljson4

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

73a4c98eb7ead2b88f323f7405be187285b58bc4916658d2d837adb1cee6c068

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"67-kjjjJLRWCSJE/uVLJ7iTrrjBh30"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 115

GET
H2 200 test Show response
www.youmaker.com/g/ 7 B
70 B 52ms
52ms XHR
application/json 35.201.68.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youmaker.com/g/test
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.68.206 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 206.68.201.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154

Request headers

Accept: */*
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:48 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 7

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 260ms
157ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 17 Aug 2021 11:24:49 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 81cf5fcec743221e803d823937d9cbf0ff68c05b4a3133df81cf7e914315ce9c
x-transaction: 9c587fa2bb88f861
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 34A4 28 KB
10 KB 237ms
237ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=251%2C159%2C226%2C186%2C188%2C222%2C225%2C203%2C3015%2C3014%2C108%2C273%2C175%2C80%2C193%2C3008%2C3%2C126%2C178%2C214%2C184%2C201%2C246%2C148%2C2033%2C255%2C3018%2C157%2C208%2C97%2C77%2C229%2C109&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d142248ecdfe7cffbd64eb3e2856af9127303196868d66b20541fee9b4edd034

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=251%2C159%2C226%2C186%2C188%2C222%2C225%2C203%2C3015%2C3014%2C108%2C273%2C175%2C80%2C193%2C3008%2C3%2C126%2C178%2C214%2C184%2C201%2C246%2C148%2C2033%2C255%2C3018%2C157%2C208%2C97%2C77%2C229%2C109&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Fri, 18 Feb 2022 11:24:49 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2722010899470215000V10; Expires=Wed, 17 Aug 2022 11:24:49 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=167950
expires: Thu, 19 Aug 2021 10:03:59 GMT
date: Tue, 17 Aug 2021 11:24:49 GMT
content-length: 9866

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 53ms
53ms XHR
text/plain 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Tue, 17 Aug 2021 11:24:49 GMT
Server: nginx
Connection: keep-alive

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b24fa2988d959518279c66ac6670a43a8f5bd18c9a9ac5cc96dd08f99a9f612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Aug 2021 11:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8541
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 17 Aug 2021 11:24:49 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0690 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 17 Aug 2021 09:24:00 GMT
expires: Wed, 17 Aug 2022 09:24:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E3A8 783 B
759 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f8490d7c6f4ebdc5efc83d059e43e22eac8d0e6df9ea43f052e15878a5cbde0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4c7gIo+TbIZo61atfvBygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ntd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.ntd.com/

Response headers

expires: Tue, 17 Aug 2021 11:24:49 GMT
date: Tue, 17 Aug 2021 11:24:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4c7gIo+TbIZo61atfvBygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 0690 35 KB
13 KB 52ms
51ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 09:11:54 GMT

GET
H2 200 log
c21lg-d.media.net/ Frame 34A4 35 B
194 B 219ms
217ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2722010899470215000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-c&pvgid[]=data-bs&pvgid[]=data-ct
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=251%2C159%2C226%2C186%2C188%2C222%2C225%2C203%2C3015%2C3014%2C108%2C273%2C175%2C80%2C193%2C3008%2C3%2C126%2C178%2C214%2C184%2C201%2C246%2C148%2C2033%2C255%2C3018%2C157%2C208%2C97%2C77%2C229%2C109&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:49 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 17 Aug 2021 11:24:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
88ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081201&jk=3174365396658028&bg=!9Pel97PNAAZvV8FTb1c7ACkAdvg8WmhQ0lPGP6BU4KMkw4oVf2b_udbOcaT8R_BKIMxa4-lhSaOqpQIAAABaUgAAAAloAQcKARVMvO0F9oNYuMuM50kcVfKX91BXkRQZNDVyDtkrLNGlTwTLXL_U-1Hnija-XHpfd4jIcjzCr4LYEYXozWyXHIHuzQq3DtCtQ2OsLC6Hw9T1TanQQM7S0Y3C8b6QIJZKjRr5LgAY3FqALmvp8yOp9h57LRgUtK3dH8OXGva-YyG43BYyPLLjvvQ1mzgGMv1fhTPD-C-uhO_K8A5E4h6UwNjzWUL4m3HHZnYqTuwfX2VSTCfZ4E69f00AR99j3GjRTWvZqfXmrnKejA4qqJxZK_RfSi33NKLQxvmMK813L91Sqq-qubYqVHzDppmg4fLJPj7Ptc_KBp6so9F22j4XpYFtUQMmCI4gCfM5LNN98JKKi6-Rbw1VmQJxs4IoH8jgwO0cgYGlPMcr7xsor8ZIdDlqc9XvQk5h4TCrPM1C_XY9PenS1ESfAyxDlT7bhd97Yd3U5rz03biDoVHf9KOVCGF2_6mDmOj8bS0scY0Yz1NXIXms1jb_YuvO7T9YYC2vc9N86JSGFgef_Zw6Z4CovT9OpnZblFfzGLPH89aWjvkA7NcUtC0alI9Wj97D8I4vfDapfEMpTopzuYFTJdkBW6_HxtVRgAwtSeLmjqdnfijkp92_qaDGm3CNiwvVtpkgC6F3wH4HL9q_4CAgkD8QqOPI0-yxLQyyRjOwvqv6A__7_Jq-Iwoj-qg94JehsbJJU_gVavfZNZq1dQt7M8Z85k-_qJwbzDr70Tvh9rPS2-GaEXPkvumVGOQFYzZkLFnJojCTjZ_X6SJpSg6bZsmPwB2kazYrDikMXREvarv7co5j2pWCp_1w9bNms5rn6UF3NTTdYwSVZHUjQ2j-Fetz_aUIThJ_d7zBK8Gtto7_LGgI3QLaOZk46tvufQRUTCJa0XGXMeaiFzhZF6-ftGUx4Kr-pq9mtxUJST_0EvM87RLH6zTrh1Ng-vaDd2tXrUmJFXY_ofWIACVrifkwLDd6RIb36F3WFSiil5LG4IM5NSCrBBwq6GBEyUFMWiO8h5dKWDukRTndHEcLQM2HSK5sWCPhDxilo_mMOzy9bQRgh-6qL1oxb2ICdHtKel_bx8n1W5N1OIDVqamn5Ie_MQnR5W86sfGTd3-n6obVXpA0JUB0Z4Y2tGMEu5xt0jr57eIV0cVgMuVykV7oqA_bu59AEMITcNcTD2nLXamlkImvK2r3nqVpw-Uddj2J7Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 165ms
165ms Ping
image/gif 142.250.68.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~ksfzb1to&c=2559838718364&slotId=1279919359182&met.4=hvd_lc.ksfzb1to~hvd_ad.ksfzb1to~hvd_mad.ksfzb1to~hvd_admu.ksfzb1to~hvd_src.ksfzb1to&ps=767x431
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.68.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: dfw25s41-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 17 Aug 2021 11:24:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/ntd.com/id/618591/ 103 B
375 B 316ms
316ms Script
text/javascript 3.37.97.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/ntd.com/id/618591/checksum?callback=dbljson5

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.97.189 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-97-189.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cfc50b2df313e715daaca202ac320d9db3306756c41835ed9685fa65f816efa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 11:24:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"67-xAR0gN21hld30mB4xi6gBs7sPcc"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 114

GET
H2 200 push_notif_ntd.js Show response
services.epoch.cloud//public-labs/src/push_notifications/ 6 KB
2 KB 46ms
14ms Script
application/javascript 2606:4700:3038::6815:ea4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 19:08:58 GMT
server: cloudflare
age: 5945
etag: W/"5e4d87ca-189e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBBOLJGkkIH3XZ2FyrgzyZFBzuQ%2BF7DaPpyBayx8Pg08eL4zQV1FxolGlTlqxhp0rzFt1Ds5GpDSvnpBVngCYynW67viCnqT3CXBNwVv44PfSQYAEniztFVaB8motre6xQ16WIAT1%2FFb2B63AsOdGAS9Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680289dc5fd81f51-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 cbb358742efbe80005a15256de11d533.js Show response
clientcdn.pushengage.com/core/ 77 KB
19 KB 429ms
305ms Script
application/javascript 13.224.196.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1629199480897
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-31.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: df6214fbc1e7c7d38251801a7ea1b737aa5980e52df86158d03b202f5b98ccdd

Request headers

Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:24:52 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-id: 697XZpy1dWeZ8ZrxpkCV5GDjwCsG43nnwqBZ9Dz7jOZXgN74KnLdnA==
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)

GET playlist.m3u8
vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/hls_240p/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vs.youmaker.com
URL: https://vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/hls_480p/out0000.ts

Domain: audex.userreport.com
URL: https://audex.userreport.com/sync/put/id5?idfiveid=ID5-ZHMOfpqX56cohXp222aVTGFK-mrkg7Ktaszy_kHS-Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F477%2F3%2F7.gif%3Fpuid%3D%25s%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: vs.youmaker.com
URL: https://vs.youmaker.com/assets/2021/0525/48897680-5da1-4bf0-a70c-0fd65fa599a2/hls_240p/playlist.m3u8

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eqads.com/	1970-01-19 22:45:48	Name: EQUser Value: UID=07472916-ca34-4d47-9ea3-c23e6829bbea
.casalemedia.com/	1970-01-19 22:42:55	Name: CMPS Value: 235
.casalemedia.com/	1970-01-20 05:18:55	Name: CMRUM3 Value: 82611b9c812760AAAoSE7CNzkAAB5EgjEZzA&33611b9c7d05a0&27611b9c7d0b40&29611b9c7d05a0&e6611b9c7d2760&0d611b9c7f2760069922040047f8465263e5b2&28611b9c7f276007472916-ca34-4d47-9ea3-c23e6829bbea&2d611b9c7e2760CAESEPTenXfU2RAPDNZ8EO07A1M&f1611b9c7d05a0&05611b9c7d05a0&39611b9c7f27601871878972425837036
.openx.net/	1970-01-20 05:18:55	Name: i Value: 8d4adfc8-603f-4ab8-9c0b-4418e469eaa3\|1629199484
.adnxs.com/	1970-01-19 22:42:55	Name: uuid2 Value: 2573713551719923911
.casalemedia.com/	1970-01-19 20:34:45	Name: CMST Value: YRucfWEbnIEA
.doubleclick.net/	1970-01-20 05:54:55	Name: IDE Value: AHWqTUkdUE11UszGl_nfrUS2x2nityCqwNYRmnXUmEf75ng_iniT7sMSKNWt14cKYqU
.openx.net/	1970-01-19 20:54:55	Name: pd Value: v2\|1629199484\|gekin0vNiygu
.casalemedia.com/	1970-01-19 22:42:55	Name: CMPRO Value: 319
.casalemedia.com/	1970-01-20 05:18:55	Name: CMID Value: YRucfX-DxPbtBk9gYVqWKgAA
www.ntd.com/	1970-01-20 05:18:55	Name: epoch_gdpr_userid Value: 8a623c43-8d79-05bf-7bbb-359503eb7a06

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html(Line 409) Message: vast_tag: https://pubads.g.doubleclick.net/gampad/ads?sz=640x480&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&url=https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&description_url=https://www.ntd.com/us-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html&correlator=[timestamp]&iu=%2F5965368%2FNTD_News_Preroll&pageurl=__page-url__
console-api	log	URL: https://vs.youmaker.com/assets/player/48897680-5da1-4bf0-a70c-0fd65fa599a2?r=1280x720&cat=news/coronavirus-outbreak&logo=true&api=7&autostart=true&mute=false&url=https%3A%2F%2Fwww.ntd.com%2Fus-calls-for-new-probe-into-ccp-virus-origins-amid-mounting-attention-on-lab-leak-theory_618591.html(Line 410) Message: site: ntd.com
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=728px, min-height=90px styles on the div element with id=article_top_ads_inner. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift
console-api	warning	URL: https://vs.youmaker.com/assets/js/epochplayer7.ads.min.js(Line 1) Message: Ad error: AdError 400: There was an error playing the video ad. Caused by: AdError 1205: The browser prevented playback initiated without user interaction.
console-api	log	URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js(Line 12) Message: VIDEOJS: adserror (Preroll)
console-api	warning	URL: https://vs.youmaker.com/assets/js/epochplayer7.min.js(Line 12) Message: VIDEOJS: WARN: Play promise rejected in snapshot restore [object DOMException]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=300px, min-height=250px styles on the div element with id=right_column_ad_0. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

121b7950be35b52496fb434f7e3376bc.safeframe.googlesyndication.com
acdn.adnxs.com
act.ds.kakao.com
ad4m.at
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.dable.io
ajax.googleapis.com
analytics.ad.daum.net
analytics.twitter.com
api.dable.io
audex.userreport.com
bcp.crwdcntrl.net
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
cdn.districtm.io
cdneast2-xch.media.net
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
contextual.media.net
csi.gstatic.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
images.dable.io
imasdk.googleapis.com
img.ntd.com
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
match.prod.bidr.io
mixi.media
p.rfihub.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid-match.dotomi.com
prebid.adnxs.com
pubads.g.doubleclick.net
rr3---sn-4g5ednld.googlevideo.com
rr3---sn-5goeen7y.googlevideo.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
sc.youmaker.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
stat.media
static.ads-twitter.com
static.dable.io
static.mixi.media
static2.mixi.media
static3.mixi.media
static6.mixi.media
static7.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
t.co
target.mixi.media
tnews.to
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um2.eqads.com
us-u.openx.net
vs.youmaker.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youmaker.com
www.youtube.com
x.bidswitch.net
audex.userreport.com
vs.youmaker.com
104.16.68.69
104.244.42.195
104.244.42.5
13.224.196.31
13.225.78.34
13.248.242.197
136.243.217.162
136.243.42.249
142.250.184.226
142.250.185.98
142.250.186.34
142.250.68.163
151.101.12.157
151.139.128.10
151.139.128.11
159.253.128.188
178.162.133.149
18.233.75.25
184.24.21.156
185.183.112.155
185.29.132.245
185.33.220.243
185.64.190.78
192.132.33.46
193.0.160.128
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.93
203.133.167.207
209.54.176.128
211.231.100.211
23.37.38.181
23.37.42.132
23.62.140.165
2606:4700:3037::6815:2a1f
2606:4700:3038::6815:ea4e
2606:4700:3039::6815:c03b
2a00:1450:4001:5d::8
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9b
2a00:1450:400f:12::8
2a02:2638::1c
2a02:fa8:8806:12::1370
3.37.97.189
34.120.97.157
34.240.124.39
34.98.64.218
35.157.246.167
35.186.253.211
35.201.68.206
35.244.243.66
37.157.4.25
37.252.161.190
37.252.172.250
52.19.22.209
52.215.67.233
52.57.47.211
52.78.61.184
54.77.19.59
65.9.73.18
65.9.79.193
69.173.144.139
69.173.144.141
72.251.241.196
91.228.74.189
008d405c18b167829ca35b48d59a9f1de2fd145f424e04eba1de729669565563
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
02da102aeb3a30d71d420021dea8d530fc66d3415d66c721bf3880c5348723cc
03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4
03199fef5801b7800b74fc18921f459956231076c3f8976ea2ab6a865f0fadce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
098586ce2788ee4aede3f5e479e4814b3dafcc85d14b67dcff266ae7d04d17c2
09c4876d230686046390e0e836d90f43012aad1a55d2919e73af46c049069f5f
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcdaf5deefd6c48b883440c74c11521cd5ac062b4da70a8188eb5860e941302
0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
12ffde9f3865e876f25bc93fd34bfe7ab06502486b31ea84a1df9b355a28471f
138a20465b4b10cfcd7b480b8822a68c212dfe79665118ccd877ee06881780b3
146be95168ea464dafeaac75a5645e4848a2105d72d53c14007a6c4bf2987ab9
1520d2488866fa3228ea151928ddd5893bc72125ffa8e489726ebafa5714e2f1
195638649a210b8d2c35a1163fe160822b77dd255f057a6609307d01809de5ce
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f
1e87164c4a010d5d11c72b954fc26b1e1f26d7bd8ae5be9df59e54496446d070
1ed5927ba3272fa063ec98adc57ba021241b4f81e40da3a1cb3b0e0a3fa23b59
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20d93c83f7d23115aa9ce958bfc86025f77db34f039acb8aef487b2c7a057ef0
2111cb86a447718681fdf6f253f4c440553f16a833fd233e7ca3011ad18370ae
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
218e2b2c810635f1fd22e58481850f3830499925ea8083309330a355161c964b
225182a1677f3efdf62a4c47eaa29a37cb309b32fafd8b0f772464dd7633663e
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23c7d0c8768ff2ad8b15c79e9bab374f8cc506286b97b172e02e4b41a1d796f4
24ee07dc2d6d135c2e3161335ef953d0ebe11fedb14bb75945cc0668db1c46ec
251f69d0af06e3e8716a14a8d162cb01181b1b393e91df96cee0cc1c96ef0001
27eddf4da9282a7ceedf21259ebf4012a7a13174cf5738e97fe2b01d2d506b3f
28ea2a3caf53f854970592d0f3bbd04f778a31748ca8cf32dc20aeb9c05ca33f
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
2d110619ac97d418b9bbac4cdf378e371c67cc53752386e9de7df6a07c5a55ca
2d3682f228d657de7644e13edc51d49607c99cfe29d17de53ff795f2b2ea64f2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b0cd2ef91adb0652343b24347224da8648b6fc0583193768f1fdfed7785056
31cfe53a30f429bf940d747c0804c44f26a4e4d71500d88509c67b808a8ec0a9
35b5bdde8888d18915025184d8b7a427011ba267c011a541752858356b8fcd9c
37512989c98421880ed372bf6b8b2e245b0d9dcbb65bf82d406063bdc2cdcbd1
3771a301c266c7cd233c66b7fe9236c804307a0dc4247bc72b209ec731dd1149
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f
3aa980cfe54cd9d9fc5328b2f1a23eaae9def153a3bef793ddd2d9af5310dc55
3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e
3bd594e61500c1c8eb4704f91ea842e62fbf40b8f33c9dd5c8fbb11028f7bbf3
3cf18665fe0d2dc0aef2d3155751d541e87b20bc8e585040373e29986fda24a0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5ca4dd801b8208f20d117efa9b2b745466409f0c94a6d8b32dcdc8599658b0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b1fb8e87ea47025129b921e045084539aa982e36dbae7f2377e562ddb7ff52
40e7e7284b1076fee1fc35c1f2930fbf3131061fc7795e0a639db1ccd462a25a
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
47b86485ed682a860a05f6089ee12578c5a5e569e38232a374c98fed65be7c7d
485d1e9597d74b48109f11c4bde59393d4a232d99a31a3c6989d5e56ff9a5fbf
4866e21a4f60c3d8fde543ae5e0907d567a29242a80e498f36cff60551c1ec65
4876add1f3b7a1218d91c56cba2d3045fa4a3b43b1c67480ceb5bc933dc99ca5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5b86dbc81458f36066812f23d469fa4b2cba658c39d2909745a21b163c5555
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80
545b21fa0a4328913ddd72edc300dd172dae6ceaca8801583a9a00c23a7143cf
546fbdf5c7ebe0763dcb50d0266d8db877526bac0d96b7f23062c2e9e120d2fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555b312e541165fbf369dcea69df26213fc8f2e1998b5428bdb4ee001c8bd664
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5839ccc0e7529b4f4945cfe7163f363e0cae2e44bd9cbad0cd8c2820bbdb58d1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab194e2804e8ca9d20eac03beae4c467375715f8126dbdf3e905b58624ee910
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f0a1c7ace56ca4e193da01cc74e777d579180057e43dfcb6844ca10d02eca8c
5f8490d7c6f4ebdc5efc83d059e43e22eac8d0e6df9ea43f052e15878a5cbde0
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
608201919dc10acf4972a81fd619c662c2c57f0fd89361d3d30639692da2d356
61e4956999b77070d064e08381db56f4ffc860efa5b457ff07b4d1a9650b23eb
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958
68880362d1f548529d11929167c92d3985b1f52acfcf5e91cfed2f7dc44eb655
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
6be485e154f3050c9783321464779ebe8f3671d5153b8df8e958e69e743f9981
6dc7ba162db365941a23c68f8417eca8884c821ff6104a5a7f825ce090407b77
70852ff42f7166bd99f142e468d896c0ac9d55a4814d8246ead18f494ad6539f
718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55
72cf754c363154ded4f90992002ffcfdaff286c0099cc2949d6d375fdc268d14
73a4c98eb7ead2b88f323f7405be187285b58bc4916658d2d837adb1cee6c068
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
757739870d3bba85ee0fe8b324a4ab73820b52247dad1812122c71a6e1ed821b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77a9f1b1f89eb4f32f2a47cc1db767c42ec1f710307cd64b9865b619ca3122dd
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79ff3af8f124da212eb1aa97c3316cc6a185bb5f55eb974a9923a87258b8b294
7a4af26b63db62b331d9ced148bb44cb2fc3356fac9d4905a7604e031fbc961a
7adb924789a448b43bcbedbcf580a82942d5414e832e8eb7a9c15fe9592a1ed9
7cc612204e573284cd594bf8102834cff57671a656b2b082d479e059853c9f4b
7d7ad9df853e3d14c5b35a98e2ff54558fa21493565a21a8128cc11d4aa4f226
7e6a3e2505b7f3c486259bdbfe5196d7848b6f0ab58cf8e60fac7896c688d31e
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80dfbb9dafd367452bb64a3611a734fa3757a05d1b0001a42528138cfd2e45f5
8121ed21b7ed90b510281e31ce7a4ee8e4b1e38bb0f7f6fde101a12dba5aa35a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e7662d92c3358e4d1b1c4185de74d4673104c12ab79e32400416eecfa1ac0b
86dbdc3925cfb84b9f037f125df9066a384724985dfac4365d5afe0962253681
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
89549e8076d1cb00db2fa89517fb808bbabf7028b1bffe7b36ba3040f72cf541
89af0d630ba20c4dc2c3d15dcaf42832cc51bd0522bf2cb42feffbe628915876
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aac26847d6f44ad75d67907f6ec951132648ff347dbd15d363c36cdfa7fd0c1
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
8c2e6d4ea2eeddb8c09cc67a1a324b3dbd296550ca30a0c50f117b0c21f280e1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6240cf0838c18b8de1b379040b9b8079c59024f591e3266d63dbace7d33643
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
91e3003b100490443b393ae298ca1efcfd0e108c394ec6288150ae0f947d2bfd
9385cd31b20019e2487aafaca92d75aae2203268ff3731e5f0237c435428ad07
9699e34eb2df4a3e740a199dbf70e95692020fced127e958ed0c941d757e497b
96abe1a16e2a6fff4584ef131d95de19eabb899d860e74aeff1dc5c33237f022
976648dd57b029db574a8bcb1efb29f876b72bf97ae4b2adea0b461e59d994f1
9b01d2160fc4faa66e40f8a86b7d81ca0c0c9e14969987a793ba1aec17b7231a
9b24fa2988d959518279c66ac6670a43a8f5bd18c9a9ac5cc96dd08f99a9f612
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f
9f5d7084c3341ded4229fc69ee0b2e8c17845e76c00382109b9b8488e89d9393
a053efe52df0368d35df4bafa40589c696613ea89b1bd6cbc24fd83b0d036e21
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e7f32e3f81402b3c4d8dc1142a184036a1ace5db3a2330ff04c36b15a9ad83
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a5e0e9a0ef200fe532e2cadbce0480d0f46f6d6a2036120681ccf430012fc58e
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6164dfe8fef36a2c1c648bf007b555e49cf318be3afb53dbc437791ed64fbde
a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825
a6fa2894cab74ebaf6dd654cc93b8d74d1ef487e9642d92013f32948d7052c7a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a90a064b8ed4756aa80fc2238b81a5e440857d05a8ab3eade1b9c539adebc024
a939b066e48dd9dbb8bffffc7da1c2339d356657aafa86e237ec541047fb9e4b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25ad312b1dfbfa0c2fe26c788828fb10a5abb0c3abfaa240804d1bb36358591
b3f656f191ff333e55fdf3c8636c22088db3eb99e15e38b22d3272fcb410126f
b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95
b49a2c5dc989a38fd6e1ca1b0281682ba7d8e513d0f782873ea78c574b700be1
b9725b70579e8a79d54ca6705662e611712cb1a82ecb369ef76d9a119e65ee5d
ba7fc80641a11909ffb13a78ea0035717e33d507d1737e37f439da84452b4ea2
baced0a3942e83f9cddece1bfc471088d7e2f33e9917bdd76ad6f24bdc9d79eb
bc9638f5f76b0faf177bdf6f5f14d787f3a41b47fff1f2a8d7d20fa0af57ce18
be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5
bf173830985a139beb4f23f7d5b110694f2248923a735ac65df8444ed3bc30cf
bfd684487fa502cbadc6a43e262a68e04e70ba90fa536625eade641357004111
c0b02e9d70aa2e4ef933e09fba8db2a5b26cef44cc9f8df4abb9c5c5ad8c5e97
c12c0300d95f68070bca50f1776b404962166db26b325c6291488ae39a78f9b6
c1bc73e9c6c3841934cce5d06c9444e0f6b5c8e85d0e71c4d8350995d6844f4e
c20e8e9b2a638d8982711e81739b3124144126918af7b4882d85bfaa1ca7e37e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2604fb780ba54d9de4d5da7b6e6a976d8288e2d97f45b81144748a461ccc25f
c3825759524e1546e8c9514b0dd34f5894736a6fdd492f70a1b36c30709e7525
c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154
c5ba8dcd4107103108ae81e5ae3b3c1fca1ae72923cd3fd9b4cbbe544ac58ed4
c69291a419bd01a66e87fb22bedbfeaf2d58bba493f61d8437134556b3037a5c
c71b62fb6d05552af52e2f65988acf272a75a518a90e9eafff3c5bb9db0f6791
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
ca1eed3a34484a876d71cf8788086134cf755e4fd9244333af83be76e6dfab16
cbea61d61b4b708c379dd49015e2baa7d72f61a8070c885b84bbe888d1b14992
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cee8fc2e94b1a0c62c7a9302b0c64a7ff6f372faaca513c264807db0f07ee445
cfa354e5458d5e741989bac1a31f4f6ba09955ab668e8d9b307833232873d884
cfc50b2df313e715daaca202ac320d9db3306756c41835ed9685fa65f816efa7
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d142248ecdfe7cffbd64eb3e2856af9127303196868d66b20541fee9b4edd034
d158808063fa7bb1ceeff3620bdc8d87ba19c4784032554f915d274cc8769c94
d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
d96d7067d198fc50c66c3c2175a7ffef66e4fdc6440261950acfbd863e87a55d
da8c27ceed8f584e94037f3ab3d66b977ff0c51c916432696ba72e361247abbe
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
defb0d777e64580ce9c6657e8d7401cd3a594529c6f1cc37095a99fca8aacb75
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df6214fbc1e7c7d38251801a7ea1b737aa5980e52df86158d03b202f5b98ccdd
dfc35b95644e058f86926147896a7974d4ee59416d69ebe4a0ebd0635ffa97ae
e2bd241ffb0a420a0f17fd12bf34e1a2293e4f3c34eb0b47b8886c6c556f0d82
e302ccdf5f622b81177256567d02cd8edb014b412d0e43141efa43cfecd9f180
e31e4ba6f0cddcf0ccc7ce9dcb6bb00582140514f196001ba03996a6eec77516
e352656650831260fbac2fea58f74e33a5168e2171eb0708fed6e08dcae6b6d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e67455ca5eb27f3cbf5273c8e244b03b1d8ad005eaf9e106e0e264ab0bcad858
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e9305146452bd809a27fccd42eeb6800af439935af1a851a3200ec129e09fc35
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f192c8e02e0373406e39422eb87f9b16b711d375c518b6c56950cb742a460835
f1ebea22111afea2da34495d1e226f8bd4c2c98846177d1ee119f4f0b396bd33
f26b03e14d2dabe6081a3de6b971294659c952b301e3f408d10d79ad846c6813
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f3b4728ae5f0c11342f607f501ae9517dc9397f336bb63905bcc38aacd0bbb50
f5443d42c7834cd8ff927327229833a12c96c6888dbd9c56c44896b327d3a492
f5b766ef7c1436dae645920f3a47573d6d0f3705d2f1ab71e519a5fde098efbc
f68d534e00e63d83731732a267a146e2929bf221b988074d74af17f81b18b80a
f7ba66af6ac5340ef4843d31e9870f837436ab8bb0088d94c0c34bf87f70ba1f
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
f7e5f38b6f6721bd446e7e8fb44137c74f5e7f79c842a8510fed01c56717c3d9
f8277ebd4ab8c6f66b0ab5472389c3001af4ca9cdf85e9089a6ba750cc8f6b1f
fa8be78e0b24fa34196f3fd6b307596f1e20b6a8965ff5075fa11d6a340b5cde
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fc2462d1567bd55cd70a1593c4411be36f62284cd181b6ad800585b3a113d868
fcf674aec9209cb003cadd179c6c217b73b19511fbc109f636541422fbe34f8b
fd9963901e8b2d2bedbd2fd928cef4dc7c8b553f1e7c438c6b0c30e33ec5ce88
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

www.ntd.com Open in urlscan Pro 151.139.128.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

358 Requests

98 %HTTPS

37 %IPv6

57 Domains

100 Subdomains

81 IPs

10 Countries

5084 kBTransfer

9564 kBSize

11 Cookies

37 Outgoing links

Page URL History

Redirected requests

358 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
151.139.128.11 Public Scan

Screenshot
Live screenshot

Full Image

358
Requests

98 %
HTTPS

37 %
IPv6

57
Domains

100
Subdomains

81
IPs

10
Countries

5084 kB
Transfer

9564 kB
Size

11
Cookies

358 HTTP transactions
4 data transactions