www.ntd.com Open in urlscan Pro
2606:4700::6812:191e  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://tnews.day/ccp-continues-to-persecute-falun-gong-hk HTTP 307
   https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

• https://unpkg.com/react@18/umd/react.production.min.js HTTP 302
• https://unpkg.com/react@18.2.0/umd/react.production.min.js

Request Chain 123

• https://unpkg.com/react-dom@18/umd/react-dom.production.min.js HTTP 302
• https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js

Request Chain 151

• https://rp.liadm.com/j?dtstmp=1697679289718&se=e30&duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&tna=v2.9.2&pu=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&wpn=lc-bundle HTTP 302
• https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&tna=v2.9.2&dtstmp=1697679289718&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&i6=MjAwMToxYWY4OjQ3MDA6YTA2OTozNTo6NA%3D%3D

Request Chain 154

• https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html HTTP 302
• https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html HTTP 302
• https://a.clickcertain.com/px/?c=2455d1796b86efb

Request Chain 160

• https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25222c0ab79e-41d5-4f37-a216-5b470c5896fa%2522%257D&title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html HTTP 302
• https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25222c0ab79e-41d5-4f37-a216-5b470c5896fa%2522%257D&title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tdc=1

Request Chain 184

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 185

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 187

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 188

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 190

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gpp=&gpp_sid= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 191

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTCHu6Qla4aoTPRuDlVlzAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1

Request Chain 192

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1

Request Chain 194

• https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 195

• https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4f2287bcde9849348fb78aa8b55f0026&expiration=1700271291

Request Chain 196

• https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
• https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e3dbc73-01b6-6fe0-01d91757

Request Chain 197

• https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZTCHu8rNkhzJ2XD2iXcN4wAA%265222?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTCHu8rNkhzJ2XD2iXcN4wAA%265222

Request Chain 199

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1

Request Chain 201

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gpp=&gpp_sid= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 202

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTCHu6Qla4aoTPRuDlVlzAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1

Request Chain 203

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZTCHuwAAAbS8XQA_ HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTCHuwAAAbS8XQA_&_test=ZTCHuwAAAbS8XQA_

Request Chain 204

• https://ad.turn.com/r/cs?pid=21 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505426074670185659

Request Chain 205

• https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=32A81DE43E344DE59EC0AE038847EB2A

Request Chain 206

• https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
• https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1067303616888211285

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Show response www.ntd.com/ Redirect Chain https://tnews.day/ccp-continues-to-persecute-falun-gong-hk https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html	124 KB 20 KB	727ms 660ms	Document text/html	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash f9fe7d5fe70744e7e25ba6e157a81df130cd77d0733c225273a07807ca8faa70 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control public, max-age=14400 cf-cache-status MISS cf-ray 818547d9dd2065b0-FRA content-encoding gzip content-type text/html; charset=utf-8 date Thu, 19 Oct 2023 01:34:47 GMT expires Thu, 19 Oct 2023 05:34:47 GMT server cloudflare strict-transport-security max-age=63072000 vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-nextjs-cache STALE x-powered-by Next.js x-xss-protection 1; mode=block Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 818547d41c8a39ca-FRA content-type text/html; charset=UTF-8 date Thu, 19 Oct 2023 01:34:47 GMT expires Mon, 07 Jul 1777 07:07:07 GMT location https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFyscaBYaEao2okD3UjsUbGZOOsADajBNjEvU2fiNSq9WtV%2F%2FZhKRLuFpi64P3DGkfXJiRyeB20%2BSJ3wlgwURcT0TyZbYgHauh4T0TzrHY5JEmuU2V5s2H4z%2FZrLmJ8%2FOk7Ivp1OaFk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-redirect-by WordPress x-redirect-powered-by Pretty Link Pro Developer 3.5.3 http://prettylink.com x-robots-tag noindex, nofollow
GET H/1.1	200 OK	LDB9996-900x506.jpg i.ntd.com/assets/uploads/2022/10/	757 KB 757 KB	1053ms 833ms	Image image/jpeg	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2022/10/LDB9996-900x506.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 29ea0bf2c753b838b53013b8d5444e8464c0195aab68b756499b201132ed9631 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:49 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 774826 Last-Modified Sat, 05 Nov 2022 07:31:31 GMT Server nginx ETag "63661153-bd2aa" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535981 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Fri, 18 Oct 2024 01:34:30 GMT
GET H/1.1	200 OK	ntd-logo-comment.png i.ntd.com/assets/themes/ntd/images/	35 KB 36 KB	249ms 30ms	Image image/png	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 35679 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-8b5f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=30926256 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Fri, 11 Oct 2024 00:12:24 GMT
GET H2	200	inter.css rsms.me/inter/	5 KB 1 KB	300ms 98ms	Stylesheet text/css	2606:4700:3038::6815:e9e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rsms.me/inter/inter.css Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-fastly-request-id 5fe0db6544b4f1a6ebbefc972bd0330fd3e93ad8 date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 varnish content-encoding br expires Fri, 13 Oct 2023 10:18:18 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 171 x-cache HIT x-proxy-cache MISS alt-svc h3=":443"; ma=86400 x-served-by cache-lga21979-LGA last-modified Tue, 12 Sep 2023 00:37:37 GMT server cloudflare x-github-request-id 8786:55C4:6EC2D4:A20A84:64FFB301 x-timer S1694479178.035115,VS0,VE3 etag W/"64ffb2d1-1490" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW7wFCeTEHe2TxL%2F5YeScmi%2F%2BArTuSJxbdLHeMtYaUpli8u4HBbovs2BwWd1F3oCoJuZj4I9aY1dDpswK5sO6rjAKRVCUzjlaX0pdL2%2Ff29u7AENVU7htWhzMMCJEpzSY9P5etpN"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 x-origin-cache HIT cf-ray 818547df8888c431-EWR x-cache-hits 1
GET H2	200	template.css subs.epochbase.com/lib/	4 KB 1 KB	165ms 114ms	Stylesheet text/css	34.107.251.162 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://subs.epochbase.com/lib/template.css Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 162.251.107.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 4b6b35d30346b570ecfa8e9d1581fbea06294f4ae500aba8c83b83d827a6ee3b Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Fri, 08 Sep 2023 21:28:25 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1242 expires Thu, 19 Oct 2023 02:34:48 GMT
GET H2	200	ccb97fcbbe0fd3cb.css www.ntd.com/_next/static/css/	143 KB 44 KB	32ms 31ms	Stylesheet text/css	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd8a9dfcb0d3e8eb4a0dca00c678c20c5d4c7986659ad5fdb6bb5b0b267eb54a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:25 GMT server cloudflare etag W/"23acc-18b3a45a71d" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de0f6b65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	e936572ace7f1b61.css www.ntd.com/_next/static/css/	23 KB 5 KB	29ms 28ms	Stylesheet text/css	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/e936572ace7f1b61.css Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3866f683489bc38774b45d2c9659d5067b990354a7798ce0f8bb24a036e3492 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:25 GMT server cloudflare etag W/"5d51-18b3a45a71d" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de1f6c65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	ecc0d3ad206e4295.css www.ntd.com/_next/static/css/	15 KB 3 KB	33ms 32ms	Stylesheet text/css	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/ecc0d3ad206e4295.css Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1b9580ad594b203c1fce605f0f774816cd78401eabddb78bb8a0a8a60dc2f50 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:25 GMT server cloudflare etag W/"3df3-18b3a45a71e" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de1f6d65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	30418f44-85d0cd07c9902eeb.js Show response www.ntd.com/_next/static/chunks/	680 KB 185 KB	36ms 32ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"a9f15-18b3a45bdae" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de2f7a65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	9073-68a4483817d3cecb.js Show response www.ntd.com/_next/static/chunks/	9 KB 3 KB	31ms 27ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/9073-68a4483817d3cecb.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b20caa89714841d6b18762cdfff2fdf7806e919629e041b4146ffa0e6336b418 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"244a-18b3a45bdb4" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f7c65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	663.1d5472b3a99817f0.js Show response www.ntd.com/_next/static/chunks/	10 KB 4 KB	36ms 32ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/663.1d5472b3a99817f0.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0265f269c8075006a6f75d7aeab8cb9d1dcb21e89ea87154f6acdb936e986203 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:57:20 GMT server cloudflare etag W/"2804-18b3a4767cf" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f7d65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	1391.e1393007fdb8aeac.js Show response www.ntd.com/_next/static/chunks/	11 KB 4 KB	36ms 32ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1391.e1393007fdb8aeac.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bda8d9feaf39705c9ff278e0dfa0d8b49d40da4fb7d2bf46d262b4c2b39ff81 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:57:20 GMT server cloudflare etag W/"2bd0-18b3a4767cd" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f7f65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	webpack-cae4622b48998b02.js Show response www.ntd.com/_next/static/chunks/	6 KB 3 KB	36ms 32ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/webpack-cae4622b48998b02.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2097392554b88afa1c507acbbda8db93685cb1bae70e2f930c8d89c7e1a8372 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 15:49:12 GMT server cloudflare etag W/"18b3-18b392d50a3" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f8065b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	framework-79bce4a3a540b080.js Show response www.ntd.com/_next/static/chunks/	127 KB 41 KB	53ms 49ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:57:20 GMT server cloudflare etag W/"1fbd2-18b3a4767cf" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f8165b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	main-9a2cb928659cd95b.js Show response www.ntd.com/_next/static/chunks/	118 KB 35 KB	32ms 28ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8e78daa065e02de5d8b249192b4e2c364a523cff15f783b273a38664634354b Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"1d968-18b3a45bdb4" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f8265b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	_app-19213af036895b8d.js Show response www.ntd.com/_next/static/chunks/pages/	313 KB 94 KB	52ms 48ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 093cc15e8882085bc08863d3c72a10629466295ecf97a4a187dca5f5d43b821a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 15:49:12 GMT server cloudflare etag W/"4e512-18b392d509e" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f8365b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	4201-66f788ee4ee45a93.js Show response www.ntd.com/_next/static/chunks/	116 KB 41 KB	35ms 32ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/4201-66f788ee4ee45a93.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c5a3e13ad52b15a5e9f82b95a971d1203facb8ff8a47ac5fe144d61f2ec7c77 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:57:20 GMT server cloudflare etag W/"1ce9a-18b3a4767ce" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f8465b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	2962-79824fecadc91da8.js Show response www.ntd.com/_next/static/chunks/	17 KB 4 KB	52ms 49ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/2962-79824fecadc91da8.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 526b714767671df2d3cea3f16ad14f856cbee9c2307b41528242aafc9c5d3d24 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:57:20 GMT server cloudflare etag W/"4207-18b3a4767cd" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de3f8565b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	4277-9113847c34226409.js Show response www.ntd.com/_next/static/chunks/	84 KB 25 KB	71ms 68ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/4277-9113847c34226409.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99e232f0777782167244e5f824d348b49a9f92446b12810aa4a3d7216572aeaf Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"1502f-18b3a45bdaf" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9065b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	9146-c010d8b3f8fd1db0.js Show response www.ntd.com/_next/static/chunks/	7 KB 3 KB	71ms 68ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/9146-c010d8b3f8fd1db0.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 779d8fdda515b570970a5fb09b5eefbf0c8ec6300d969d4d609806a37f77e803 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"1d13-18b3a45bdb4" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9265b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	1294-0929a0d5c827d350.js Show response www.ntd.com/_next/static/chunks/	14 KB 5 KB	56ms 53ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1294-0929a0d5c827d350.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2daa6fba1550537ef6b7a0ae526862b853a356ec8be4d42827f27e6c6e7f2458 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"3716-18b3a45bdac" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9465b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	1335-0c50628db361768d.js Show response www.ntd.com/_next/static/chunks/	121 KB 16 KB	71ms 68ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1335-0c50628db361768d.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e26931ef4a11c5aaaf1dc16524549cb541c94a97147ccc56274cd1950d8d093 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"1e33f-18b3a45bdac" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9565b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	3213-782e5f25516aa1a7.js Show response www.ntd.com/_next/static/chunks/	12 KB 4 KB	56ms 53ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/3213-782e5f25516aa1a7.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1557a738d24489dc74105f03ab494b3513bb1989be4edeeb00f66e5c7f2cc2e Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"31d4-18b3a45bdae" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9665b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	1601-ce29e6661bb60ba0.js Show response www.ntd.com/_next/static/chunks/	9 KB 2 KB	56ms 54ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1601-ce29e6661bb60ba0.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2997f9a557c9b636e93dfa7b84a57dfc6c7e3b6593f0341b77891dd7e19cc91 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"22ae-18b3a45bdad" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9765b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	%5Burl%5D-524df1b999d12400.js Show response www.ntd.com/_next/static/chunks/pages/	23 KB 7 KB	57ms 55ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-524df1b999d12400.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4903df755dbd653cc4ee49d17b149b36cc538efdb566ef5e558b1267aa0b9753 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 15:49:12 GMT server cloudflare etag W/"5b1d-18b392d50a0" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9865b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	_buildManifest.js Show response www.ntd.com/_next/static/9d1e73dd982e6381936bcf19cf843f5c5a72a45a/	4 KB 2 KB	56ms 54ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/9d1e73dd982e6381936bcf19cf843f5c5a72a45a/_buildManifest.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 921cc0045470d4633e182f7365bedc9452142bd6fc5d50a42c1e1503973d9f4d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 15:49:12 GMT server cloudflare etag W/"1093-18b392d509e" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9965b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	_ssgManifest.js Show response www.ntd.com/_next/static/9d1e73dd982e6381936bcf19cf843f5c5a72a45a/	598 B 330 B	55ms 53ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/9d1e73dd982e6381936bcf19cf843f5c5a72a45a/_ssgManifest.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 469 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 15:49:27 GMT server cloudflare etag W/"256-18b392d8a61" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547de4f9a65b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H/1.1	200 OK	NTDLogo.svg i.ntd.com/assets/themes/ntd/images/	660 B 1 KB	249ms 31ms	Image image/svg+xml	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 660 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-294" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=30459928 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dcf538ab166e90e4dfda982d360b06de8da42bd945c277ec6f357a55b43bbc5b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c21eea3ff63e3cbe49cfe06d47eba4a268ed5e2d583d9fbe8590f39b85212ae Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	80 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 720530af830892701ef8b15094596aba1a91afffc1a013cad9103da6cd9df0e4 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	146ms 30ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 21:50:55 GMT x-content-type-options nosniff age 359033 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11016 x-xss-protection 0 last-modified Wed, 24 Jul 2019 01:18:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Oct 2024 21:50:55 GMT
GET H2	200	ENTD_Play.svg www.ntd.com/images/	2 KB 1 KB	511ms 511ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/ENTD_Play.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/e936572ace7f1b61.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/e936572ace7f1b61.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare cf-cache-status MISS etag W/"7e6-18a84a34dab" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 818547e0087365b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	NTDLogo.svg www.ntd.com/images/	660 B 668 B	468ms 467ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/e936572ace7f1b61.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/e936572ace7f1b61.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare content-encoding gzip etag W/"294-18a84a34dab" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 818547e0087a65b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	footer-app-logo.png www.ntd.com/images/	73 KB 73 KB	604ms 602ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/footer-app-logo.png Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/e936572ace7f1b61.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/e936572ace7f1b61.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 74494 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare etag W/"122fe-18a84a25ff3" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 818547e0087d65b0-FRA expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	NTD_BackToTop.svg www.ntd.com/images/	2 KB 943 B	517ms 516ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/NTD_BackToTop.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/e936572ace7f1b61.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/_next/static/css/e936572ace7f1b61.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare cf-cache-status MISS etag W/"7d6-18a84a25fec" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 818547e0087e65b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	RingsideCondensed-Medium.otf www.ntd.com/fonts/	118 KB 65 KB	606ms 605ms	Font font/otf	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/fonts/RingsideCondensed-Medium.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare cf-cache-status MISS etag W/"1d9d8-18a84a25fe8" x-frame-options DENY vary Accept-Encoding content-type font/otf cache-control public, max-age=14400 cf-ray 818547e0087b65b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET DATA	200 OK	truncated /	23 KB 23 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5 Request headers Referer Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	D-DIN.otf www.ntd.com/fonts/	58 KB 27 KB	669ms 669ms	Font font/otf	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/fonts/D-DIN.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d67834e2a76646c456c087ce42a6bd6b6b0c85c88dd9918618a8b4c563c2bdf Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare cf-cache-status MISS etag W/"e9d4-18a84a34da8" x-frame-options DENY vary Accept-Encoding content-type font/otf cache-control public, max-age=14400 cf-ray 818547e0088065b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	RingsideCondensed-Bold.otf www.ntd.com/fonts/	122 KB 66 KB	599ms 599ms	Font font/otf	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/fonts/RingsideCondensed-Bold.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/_next/static/css/ccb97fcbbe0fd3cb.css Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare cf-cache-status MISS etag W/"1e6ec-18a84a34da9" x-frame-options DENY vary Accept-Encoding content-type font/otf cache-control public, max-age=14400 cf-ray 818547e0088165b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H/1.1	200 OK	Xu-Na.jpeg i.ntd.com/assets/uploads/external/2022/01/	216 KB 217 KB	792ms 792ms	Image image/jpeg	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/external/2022/01/Xu-Na.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 63506bc046d9ba3bf45c879a1b8b82b912eb3c90a3d0210064b437dd245245bb Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:49 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 220959 Last-Modified Sat, 22 Jan 2022 02:18:20 GMT Server nginx ETag "61eb696c-35f1f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31536000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Fri, 18 Oct 2024 01:34:49 GMT
GET H/1.1	200 OK	Falun-Gong-banner-615x369.jpeg i.ntd.com/assets/uploads/2022/11/	291 KB 292 KB	802ms 802ms	Image image/jpeg	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2022/11/Falun-Gong-banner-615x369.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash bc0f7cf3e2f019c364f7c42a434af03159a81f5dd34ab7b652dc88f36bd0808b Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:49 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 297795 Last-Modified Wed, 30 Nov 2022 21:42:04 GMT Server nginx ETag "6387ce2c-48b43" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535950 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Fri, 18 Oct 2024 01:33:59 GMT
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	115ms 43ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9561327d88b1af3a3af6e817b60fc0e7da524b543dd0e8122bed75878f6885e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Thu, 19 Oct 2023 01:34:48 GMT
GET H2	200	8735.d0b957bfa55e8687.js Show response www.ntd.com/_next/static/chunks/	44 KB 15 KB	29ms 28ms	Script application/javascript	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/webpack-cae4622b48998b02.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 467 x-xss-protection 1; mode=block last-modified Mon, 16 Oct 2023 20:55:30 GMT server cloudflare etag W/"af73-18b3a45bdb4" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 818547e0c8f165b0-FRA expires Fri, 18 Oct 2024 01:34:48 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	78ms 29ms	Script text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-524df1b999d12400.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 90361e022f0bc6bed992e447a17cfd9c44b1e4faf7e89b6f9dfad31fcd4a901b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 01:34:48 GMT
GET H2	200	embed.js Show response comment.youmaker.com/web/	7 KB 3 KB	180ms 115ms	Script application/javascript	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/embed.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/9073-68a4483817d3cecb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type application/javascript x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-version 0.1.2
GET H2	200	counter.js Show response comment.youmaker.com/web/	2 KB 1 KB	180ms 114ms	Script application/javascript	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/counter.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/9073-68a4483817d3cecb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type application/javascript x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-version 0.1.2
GET H/1.1	200	95162.js Show response mixi.media/data/js/	5 KB 3 KB	178ms 112ms	Script application/javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mixi.media/data/js/95162.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/1391.e1393007fdb8aeac.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 41b6a57c16c70ff2cc0523aebbcaa112b7aa5c0881bc013a3368ce9d37e20baf Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:48 GMT Content-Encoding gzip Last-Modified Thursday, 19-Oct-2023 01:34:48 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive
GET H2	200	js Show response www.googletagmanager.com/gtag/	283 KB 93 KB	86ms 37ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/main-9a2cb928659cd95b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c622b63c3609d62aaa62b3b101b33c604a306aea7aaa24b21722783fbe053499 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95317 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 19 Oct 2023 01:34:48 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	117 KB 45 KB	113ms 64ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ce6e0c073b4c3209d7261938371ca56df8cd5848b6afddba939807707434abb2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46067 x-xss-protection 0 last-modified Thu, 19 Oct 2023 01:02:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 19 Oct 2023 01:34:48 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	90 KB 29 KB	93ms 38ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7af1a0970c0098d189c4267d5396358704bcb77816eea0ad290c04731e9faa19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29201 x-xss-protection 0 server cafe etag 457 / 19649 / m202310120101 / config-hash: 13153089758077232901 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 19 Oct 2023 01:34:48 GMT
GET H/1.1	200 OK	prebid.js Show response i.ntd.com/assets/themes/m-ntd/js/ads/	275 KB 276 KB	70ms 29ms	Script application/javascript	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 281947 Pragma no-cache Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-44d5b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31219194 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	263 KB 64 KB	101ms 24ms	Script application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:26:26 GMT content-encoding gzip via 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront) last-modified Tue, 17 Oct 2023 19:57:29 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P6 age 503 etag W/"b9a7eb01b5274e82795d834c0b8154f1" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id b_ByyXEuj7Jq6AGb2MbjiHb0YcvnWPIuWV6X_Xo-Zp9rMXP2ZR1Mzw==
POST H2	200	counts Show response www.ntd.com/api/v1/	1 KB 210 B	572ms 571ms	Fetch application/json	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/3213-782e5f25516aa1a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3acbc80fb90448ed7ce78287cf8d5b8db2d8003f0a4ea39077e06f1062e8f21 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Thu, 19 Oct 2023 01:34:49 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 via 1.1 google cf-cache-status DYNAMIC x-xss-protection 1; mode=block pragma no-cache server cloudflare author EMG vary Accept-Encoding, Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com app-name remark access-control-allow-credentials true cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex cf-ray 818547e0e90265b0-FRA app-version 0.1.2
GET H2	200	count Show response sc.youmaker.com/reaction/share/	664 B 729 B	170ms 125ms	XHR application/json	34.120.97.157 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=886828,948503,948523,948530,948502,948475,948519,948480,948490,948479&token= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 157.97.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash b3ff7857567cef14da14e37dcd7ca61d23a1de93a24d4057ad6b5db43dee0d56 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 664
POST H2	200	getcounts Show response www.ntd.com/v1/api/video/	50 B 167 B	867ms 867ms	Fetch application/json	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/v1/api/video/getcounts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/663.1d5472b3a99817f0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3583811756124fa4fc482c4b3cfbfc662f9c213b8c96bc11e3b22140502ff15 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/json Response headers date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000 content-encoding gzip server cloudflare cf-cache-status DYNAMIC vary Origin, Accept-Encoding x-frame-options DENY content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true cf-ray 818547e0e90465b0-FRA x-xss-protection 1; mode=block
POST H2	200	counts Show response www.ntd.com/api/v1/	638 B 448 B	569ms 569ms	Fetch application/json	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/3213-782e5f25516aa1a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ca164eaa0ecb9ba270f3f2a8f174c349e7bf609ecdfb1caf7c5b0d6b8919d6d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Thu, 19 Oct 2023 01:34:49 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 via 1.1 google cf-cache-status DYNAMIC x-xss-protection 1; mode=block pragma no-cache server cloudflare author EMG vary Accept-Encoding, Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com app-name remark access-control-allow-credentials true cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex cf-ray 818547e0e90565b0-FRA app-version 0.1.2
GET H2	200	count Show response sc.youmaker.com/reaction/share/	408 B 608 B	168ms 124ms	XHR application/json	34.120.97.157 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=948523,948530,948502,948519,948480,948490&token= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 157.97.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash d044e259a573f0d9f00091acfb40727f9dc0615b07ae48ab71c49e7f6d1939a8 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 408
GET H2	200	geo Show response pwe.epochbase.com/	145 B 325 B	166ms 116ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/geo Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 2f8722279408e06990b68ce78e5c6cfb7b197e40303d90889400c6d41685fc33 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 145
GET H2	200	default-user.png www.ntd.com/images/	3 KB 3 KB	462ms 460ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/default-user.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 2560 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare etag W/"a00-18a84a34db0" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 818547e1694b65b0-FRA expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	share.svg www.ntd.com/images/	338 B 319 B	460ms 457ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/share.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare content-encoding gzip etag W/"152-18a84a25ffa" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 818547e1694d65b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H2	200	share_single.svg www.ntd.com/images/	388 B 336 B	459ms 457ms	Image image/svg+xml	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/share_single.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare content-encoding gzip etag W/"184-18a84a25ffa" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 818547e1694e65b0-FRA x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 05:34:48 GMT
GET H/1.1	200 OK	id948418-GettyImages-1730497368.jpg-352x220.webp i.ntd.com/assets/uploads/2023/10/	20 KB 21 KB	84ms 44ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948418-GettyImages-1730497368.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f2636c1ae9ae32ee3127e53735a05a868c107eee4d7f44fecd1dc1f78cc790eb Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 20612 Last-Modified Tue, 17 Oct 2023 18:52:50 GMT Server nginx ETag "652ed802-5084" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31452556 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id948534-Mccarthy-GettyImages-1741221769.jpg-352x220.webp i.ntd.com/assets/uploads/2023/10/	17 KB 17 KB	71ms 30ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948534-Mccarthy-GettyImages-1741221769.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9d6022a84102c1a34eb6345a8df360bf6ba766bc72ce389b3ca657008f93f646 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 16986 Last-Modified Wed, 18 Oct 2023 02:04:47 GMT Server nginx ETag "652f3d3f-425a" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31451838 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id948516-GettyImages-1715822580.jpg-352x220.webp i.ntd.com/assets/uploads/2023/10/	22 KB 23 KB	37ms 36ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948516-GettyImages-1715822580.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e095060e0a994c4184540f018ebe7c5c2a1a8572904f3097a476e226e532e361 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 22496 Last-Modified Wed, 18 Oct 2023 01:19:27 GMT Server nginx ETag "652f329f-57e0" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31453357 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id948446-Jim-Jordan-GettyImages-1741205167.jpg-352x220.webp i.ntd.com/assets/uploads/2023/10/	8 KB 9 KB	41ms 40ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948446-Jim-Jordan-GettyImages-1741205167.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 740e8e1848df9a83f97bcb8373566b87998b88a0fdb1062c70e50b1f9a15de38 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 8196 Last-Modified Tue, 17 Oct 2023 19:52:49 GMT Server nginx ETag "652ee611-2004" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31453323 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id948509-3-GettyImages-138667943.jpeg-352x220.webp i.ntd.com/assets/uploads/2023/10/	21 KB 21 KB	35ms 35ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948509-3-GettyImages-138667943.jpeg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b7ddf7a86134f1968e1fd1a9a006187e314136be5a0a3f328597acf4c6face96 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 21064 Last-Modified Wed, 18 Oct 2023 00:43:14 GMT Server nginx ETag "652f2a22-5248" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31450224 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id948491-New-Project-7.jpg-352x220.webp i.ntd.com/assets/uploads/2023/10/	10 KB 11 KB	30ms 30ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/10/id948491-New-Project-7.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 3942bd4734ec5205b07b18c5dc007e60109624a99f7ea0619fdceb5b206d8039 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers strict-transport-security max-age=63072000 Date Thu, 19 Oct 2023 01:34:48 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 10458 Last-Modified Tue, 17 Oct 2023 23:50:56 GMT Server nginx ETag "652f1de0-28da" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31448401 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H2	200	watch_ntd_on.png www.ntd.com/images/	20 KB 20 KB	598ms 597ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/watch_ntd_on.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 20726 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare etag W/"50f6-18a84a25ffe" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 818547e1694f65b0-FRA expires Thu, 19 Oct 2023 05:34:49 GMT
GET H2	200	watch_ntd_row1-2.png www.ntd.com/images/	64 KB 64 KB	604ms 603ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/watch_ntd_row1-2.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 65131 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare etag W/"fe6b-18a84a25ffe" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 818547e1695065b0-FRA expires Thu, 19 Oct 2023 05:34:49 GMT
GET H2	200	watch_ntd_row2-2.png www.ntd.com/images/	93 KB 93 KB	687ms 686ms	Image image/png	2606:4700::6812:191e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/watch_ntd_row2-2.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:191e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 94887 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare etag W/"172a7-18a84a34dbb" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 818547e1695165b0-FRA expires Thu, 19 Oct 2023 05:34:49 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/dd34ec3d/www-widgetapi.vflset/	213 KB 66 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/dd34ec3d/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 270c8f402a1eb1fe4617d33b37944b6e59c50d0aeb4605500f38f08cefc03191 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:13:53 GMT content-encoding br x-content-type-options nosniff age 1255 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67282 x-xss-protection 0 last-modified Mon, 16 Oct 2023 01:52:21 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Oct 2024 01:13:53 GMT
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/	462 KB 185 KB	69ms 20ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ed3e4f53284f4f9c6e1636460894a6826c3471608ca04cf84203f6a6d130fa4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 18:05:51 GMT content-encoding gzip x-content-type-options nosniff age 199737 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 188865 x-xss-protection 0 last-modified Mon, 09 Oct 2023 02:01:40 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 15 Oct 2024 18:05:51 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/	421 KB 132 KB	103ms 31ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f9c72ef22efe8a0e095464ab57ea0d5b6c24fa0abcd9439a1ffe1f522cca92a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 11:42:41 GMT content-encoding br x-content-type-options nosniff age 49927 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134870 x-xss-protection 0 server cafe etag 11169537383484699631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 17 Oct 2024 11:42:41 GMT
GET H/1.1	200 OK	ge.js Show response s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/	59 KB 60 KB	545ms 181ms	Script application/javascript	52.92.164.0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.92.164.0 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash d20db6c1df31874b999f525e1eb15c5041d7b5b94c7336754c97d72fca64c1f1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:50 GMT Last-Modified Tue, 29 Aug 2023 17:44:45 GMT Server AmazonS3 x-amz-request-id S7EJDNQQ0XRBQSDJ ETag "b54fadc7e5991d9914d62a0459bfdf77" x-amz-server-side-encryption AES256 Content-Type application/javascript Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 60527 x-amz-id-2 5YY5LMK+3GSPF7nfWIi+yGuW8dJJ48xSWcy0y+dxEcbVo8w011VfdK2B2XGpWNUUMNCRXDUf+ak= Expires Thu, 28 Sep 2023 17:44:44 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	283 KB 93 KB	36ms 35ms	Script application/javascript	2a00:1450:4001:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 88772ecacbb2c649109bd7cdc6d264670bd5f5896abe34e4044a9e2fe503e4fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95380 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 19 Oct 2023 01:34:48 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 251 B	48ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je3ai0&_p=1488784425&_gaz=1&cid=188089566.1697679289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697679288&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&dt=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 251 B	67ms 21ms	Ping text/plain	2a00:1450:400c:c09::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=188089566.1697679289&gtm=45je3ai0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 408 B	79ms 31ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=188089566.1697679289&gtm=45je3ai0&aip=1&z=1418892814 Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	template Show response pwe.epochbase.com/api/	7 KB 2 KB	122ms 121ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 0ea258555e5fcf60617c4791778cba754e64b9acb2792b47c32af0cf2dfa0b3e Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	rules Show response pwe.epochbase.com/api/plan/	3 KB 717 B	122ms 121ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/plan/rules?siteId=www.ntd.com&planId=live-ntd Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 782472b6db3f88d20618c601794695efab2fb079f3e5c878cdf08625026609db Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	jsapi.v5.12.0.en_US.js Show response static.mixi.media/static/jsapi/	251 KB 75 KB	179ms 57ms	Script application/x-javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js Requested by Host: mixi.media URL: https://mixi.media/data/js/95162.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:48 GMT Content-Encoding gzip Last-Modified Thu, 31 Mar 2022 07:51:02 GMT Server nginx ETag W/"62455d66-3eabf" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Connection keep-alive
GET H/1.1	200 OK	sm.js Show response stat.mixi.media/	77 KB 28 KB	364ms 296ms	Script application/x-javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stat.mixi.media/sm.js Requested by Host: mixi.media URL: https://mixi.media/data/js/95162.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:48 GMT Content-Encoding gzip Last-Modified Thu, 02 Dec 2021 13:53:02 GMT Server nginx ETag W/"61a8cfbe-13481" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Cache-Control private, must-revalidate, proxy-revalidate, max-age=3600 Connection keep-alive
GET H/1.1	200 OK	miximedia.svg static.mixi.media/static/adpreview-assets/mixi-media/images/logo/	6 KB 6 KB	128ms 23ms	Image image/svg+xml	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:48 GMT Last-Modified Mon, 30 Sep 2019 14:11:01 GMT Server nginx ETag "5d920cf5-1849" Content-Type image/svg+xml Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 6217
POST H3	200	counts Show response comment.youmaker.com/api/v1/	205 B 229 B	117ms 116ms	XHR application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/counts?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/counter.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 3fd25752c7f31cdd293c078afebe9339312564e8065fe184ecc7a3ac77d996a4 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 pragma no-cache server nginx/1.20.1 author EMG app-name remark vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true x-robots-tag noindex app-version 0.1.2
OPTIONS H3	200	counts comment.youmaker.com/api/v1/ Frame	0 0	144ms 115ms	Preflight	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/counts?site=www.ntd.com Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ntd.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://www.ntd.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-name remark app-version 0.1.2 author EMG cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 content-length 0 date Thu, 19 Oct 2023 01:34:48 GMT expires Thu, 01 Jan 1970 00:00:00 UTC pragma no-cache server nginx/1.20.1 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers via 1.1 google x-robots-tag noindex
POST H3	200	counts Show response comment.youmaker.com/api/v1/	205 B 229 B	118ms 117ms	XHR application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/counts?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/counter.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 3fd25752c7f31cdd293c078afebe9339312564e8065fe184ecc7a3ac77d996a4 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 pragma no-cache server nginx/1.20.1 author EMG app-name remark vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true x-robots-tag noindex app-version 0.1.2
OPTIONS H3	200	counts comment.youmaker.com/api/v1/ Frame	0 0	145ms 117ms	Preflight	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/counts?site=www.ntd.com Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ntd.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://www.ntd.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-name remark app-version 0.1.2 author EMG cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 content-length 0 date Thu, 19 Oct 2023 01:34:48 GMT expires Thu, 01 Jan 1970 00:00:00 UTC pragma no-cache server nginx/1.20.1 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers via 1.1 google x-robots-tag noindex
GET H2	200	iframe.html Show response comment.youmaker.com/web/ Frame 83F7	4 KB 2 KB	120ms 118ms	Document text/html	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash e15f84e73930311c7dc3460cdc7d86aac7e80c2c4c0dc0d8c15bc280f3e69fb9 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-name remark app-version 0.1.2 author EMG content-encoding gzip content-type text/html; charset=utf-8 date Thu, 19 Oct 2023 01:34:48 GMT last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 vary Accept-Encoding via 1.1 google x-robots-tag noindex
GET H2	200	iframe.html Show response comment.youmaker.com/web/ Frame 8FE8	4 KB 2 KB	119ms 117ms	Document text/html	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash e15f84e73930311c7dc3460cdc7d86aac7e80c2c4c0dc0d8c15bc280f3e69fb9 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-name remark app-version 0.1.2 author EMG content-encoding gzip content-type text/html; charset=utf-8 date Thu, 19 Oct 2023 01:34:48 GMT last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 vary Accept-Encoding via 1.1 google x-robots-tag noindex
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	64ms 22ms	XHR application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers x-amz-version-id 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog content-encoding gzip via 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront) date Wed, 18 Oct 2023 05:03:22 GMT x-amz-cf-pop FRA56-P6 age 73887 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 29 Aug 2023 08:30:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id Gud_-XRuhjK5WvA5_MH1L3SUJ9frTzxtAOFW9oZSHkNAbd-hXwmf7A==
GET H2	200	ae51d432-b517-4c68-9f8a-22444acccbb5 Show response config.aps.amazon-adsystem.com/configs/	537 B 812 B	81ms 27ms	Script application/javascript	99.86.4.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://config.aps.amazon-adsystem.com/configs/ae51d432-b517-4c68-9f8a-22444acccbb5 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-39.fra6.r.cloudfront.net Software CloudFront / Resource Hash c3a4df25e241b0441b39ba2a63e876fc14bea8404980ec73f463df1e94e815fe Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 00:42:22 GMT via 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA6-C1 age 3146 x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 content-length 537 x-amz-cf-id FTXAARLTcrYOQnNAx2lMq3hgUM48O6G_4I3bFLEAsw2tituI4HJ64A==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 306 B	24ms 23ms	XHR text/plain	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:05:21 GMT via 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 1767 x-cache Hit from cloudfront access-control-allow-origin https://www.ntd.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id t07AYsdu5NvxeGZQ9Nq4eNIdbCwchCTcWYQnN4ppahIBO-zFAx5UhQ==
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 307 B	22ms 22ms	XHR text/plain	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:05:21 GMT via 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 1767 x-cache Hit from cloudfront access-control-allow-origin https://www.ntd.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id QZNbZgoYzrr5oCmp3jz3DwDHQVKySzFLWpB_JhyZ_MqhF-idSjx8oA==
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 5045	57 KB 33 KB	46ms 46ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__nl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 438ed4a3bdbe501847f2cd24f075631b64b72a2d87a503ca9db1e82826fdbe7e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ogmniswYD2B7QuAGu3m_bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-ogmniswYD2B7QuAGu3m_bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 19 Oct 2023 01:34:48 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	template Show response pwe.epochbase.com/api/	8 KB 3 KB	119ms 118ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 1d7bf3f201985aeebca9fea36d8ac2977a0768a8345d39ebf15624591eb89306 Request headers Accept application/json, text/plain, */* Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	remark.css comment.youmaker.com/web/ Frame 8FE8	87 KB 12 KB	120ms 120ms	Stylesheet text/css	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/remark.css?v=2023101012 Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 353c575016c2824eb9af3cbe5a613c6ae2014ced43c59ff2bb1324eb61999024 Request headers accept-language nl-NL,nl;q=0.9 Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type text/css; charset=utf-8 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-version 0.1.2
GET H3	200	remark.js Show response comment.youmaker.com/web/ Frame 8FE8	316 KB 83 KB	123ms 123ms	Script application/javascript	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/remark.js?v=2023101012 Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash acc3836862a7c6b6dedf1aca9b5f8dd916e9447ba32a43e7b958f5dd89a871ae Request headers accept-language nl-NL,nl;q=0.9 Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type application/javascript x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-version 0.1.2
GET H3	200	remark.css comment.youmaker.com/web/ Frame 83F7	87 KB 12 KB	122ms 120ms	Stylesheet text/css	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/remark.css?v=2023101012 Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 353c575016c2824eb9af3cbe5a613c6ae2014ced43c59ff2bb1324eb61999024 Request headers accept-language nl-NL,nl;q=0.9 Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type text/css; charset=utf-8 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-version 0.1.2
GET H3	200	remark.js Show response comment.youmaker.com/web/ Frame 83F7	316 KB 83 KB	127ms 125ms	Script application/javascript	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/web/remark.js?v=2023101012 Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash acc3836862a7c6b6dedf1aca9b5f8dd916e9447ba32a43e7b958f5dd89a871ae Request headers accept-language nl-NL,nl;q=0.9 Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Tue, 10 Oct 2023 19:18:38 GMT server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type application/javascript x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 app-version 0.1.2
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 5045	55 KB 24 KB	60ms 19ms	Stylesheet text/css	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 19:17:27 GMT content-encoding gzip x-content-type-options nosniff age 22641 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 09 Oct 2023 02:01:40 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Oct 2024 19:17:27 GMT
GET H3	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 5045	462 KB 184 KB	70ms 30ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ed3e4f53284f4f9c6e1636460894a6826c3471608ca04cf84203f6a6d130fa4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Mon, 16 Oct 2023 18:05:51 GMT content-encoding gzip x-content-type-options nosniff age 199737 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 188865 x-xss-protection 0 last-modified Mon, 09 Oct 2023 02:01:40 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 15 Oct 2024 18:05:51 GMT
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 457 B	423ms 357ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&pid=E3gv5xmilOpG0&cb=0&ws=1600x1200&v=23.1010.1530&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid SYK1VWDXJ33AADDHN92N vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id -LascoBNssGR6-_5_4h_1V3Z_3k3NWH8vduI0vGFUUytsnVMDBc3_g==
POST H/1.1	200 OK	cookie_sync Show response prebid.adnxs.com/pbs/v1/	638 B 747 B	82ms 16ms	XHR application/json	185.89.208.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/cookie_sync Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash f90338473cb76d2ea048cf525b2b2b42208ac2d559ec801976e3e002747eb5fc Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:48 GMT Content-Encoding gzip Server nginx/1.21.3 Transfer-Encoding chunked Vary Accept-Encoding, Origin Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires 0
POST		auction prebid.adnxs.com/pbs/v1/openrtb2/	0 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 358 B	78ms 25ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://www.ntd.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
GET H2	200	prebid Show response exchange.postrelease.com/	0 389 B	459ms 105ms	XHR application/json	54.92.232.196 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://exchange.postrelease.com/prebid?ntv_pb_rid=7e2ed78e1a70a1&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.92.232.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-92-232-196.compute-1.amazonaws.com Software nginx/1.12.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT content-encoding gzip server nginx/1.12.2 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true content-length 20 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	624 B 1 KB	158ms 76ms	XHR application/json	2602:803:c003:200::45 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=d305abcf-3660-441a-b893-3451fef3c8c1&l_pb_bid_id=103afcb45120773&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.21747000700841523 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 5f6ee9f9813e96a5268edf628e33cdaa6b0fd51bab528fc48f5e03dfd7c63b27 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 542 B	85ms 34ms	XHR application/json	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211917b715c21d6a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212fd62d4adca888%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d3c5c7ee20813c3dcb8e61c584b761eaafc0cbfc11bc52b42b81aa7a078986 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14REesUSRBfoy3A26NOMb2EGjyN%2FOhUSqOZyQh%2F3HYk0CNqmRJ1BZjzyGHYMlAkBAahNbQRh5pqeaNMhWtfpennFjtb5qvl%2Fnnpu8oEcdi1yRHW2dKhEdboiDftBjqpzsLOF5shn"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache access-control-allow-credentials true cf-ray 818547e3b8d3bb3e-FRA alt-svc h3=":443"; ma=86400 content-length 37 expires 0
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	19 B 575 B	85ms 19ms	XHR application/json	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT an-x-request-uuid d283dc39-8d44-401c-9f9e-050c2124de1a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 19 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/	23 B 458 B	403ms 356ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&pid=E3gv5xmilOpG0&cb=1&ws=1600x1200&v=23.1010.1530&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_ads_right_top_300_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid S19QMCH81B13N10ZR8RY vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id 5XgOAYo_qAWUeU2cfZfMlFM37B7zla_9hWzIBu7RIHGab49qdlh0Nw==
POST		auction prebid.adnxs.com/pbs/v1/openrtb2/	0 0
GET H2	200	prebid Show response exchange.postrelease.com/	0 390 B	447ms 104ms	XHR application/json	54.92.232.196 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://exchange.postrelease.com/prebid?ntv_pb_rid=20a42805b1d01db&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MCwic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.92.232.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-92-232-196.compute-1.amazonaws.com Software nginx/1.12.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT content-encoding gzip server nginx/1.12.2 content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true content-length 20 expires Mon, 1 Jan 1990 12:00:00 GMT
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	19 B 574 B	80ms 20ms	XHR application/json	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT an-x-request-uuid 866ce143-3f07-4a2b-a1ed-465af5294362 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 19 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 312 B	78ms 34ms	XHR application/json	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=360713&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224d7680cfe826f7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222561873775151d8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f56015693e3471c3a5852b176ddf877f0f951e5a3ee8ea6318c5e78287f7bc49 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnmEncdSk8WWWhkp0UiW88uYkeyRdYqODyDTjPeCKgSIQ%2B02vj2jvFajQIi1Ax%2FDCjFumVey6cmEfX7fwJfNUPEkvjszrzLqRB1owie2NH5IB%2FBHihllSck%2BVL35Df1ERf%2F367Ng"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache access-control-allow-credentials true cf-ray 818547e3b8d4bb3e-FRA alt-svc h3=":443"; ma=86400 content-length 37 expires 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 359 B	63ms 25ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://www.ntd.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	592 B 932 B	147ms 77ms	XHR application/json	2602:803:c003:200::45 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&rf=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-3&tk_flint=pbjs_lite_v6.23.0&x_source.tid=e9ea07a0-af30-4586-9dbd-e2217f5704cb&l_pb_bid_id=2939546bb48f687&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-3&slots=1&rand=0.42964747274019244 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash f4c5736adc367376788759ebd89568a7c0b98a6a457b64585ac5162bc55e023f Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:48 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 592 expires Wed, 17 Sep 1975 21:32:10 GMT
POST H/1.1	200	jsapi Show response mixi.media/newdata/	8 KB 3 KB	103ms 102ms	XHR application/json	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mixi.media/newdata/jsapi?action=news Requested by Host: static.mixi.media URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 5f478ee18a56af9841a3c13ded30e28679dfa68ab3be3c40756ada88164e7876 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type multipart/form-data Response headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:48 GMT Content-Encoding gzip Last-Modified Thursday, 19-Oct-2023 01:34:48 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive X-Node ads5-2sselp11
GET H2	200	react.production.min.js Show response unpkg.com/react@18.2.0/umd/ Redirect Chain https://unpkg.com/react@18/umd/react.production.min.js https://unpkg.com/react@18.2.0/umd/react.production.min.js	10 KB 5 KB	32ms 31ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/react@18.2.0/umd/react.production.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 24876633 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01GNXCXQT74VAMQXBWN00RAXX4-fra server cloudflare etag W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 818547e458f82c2f-FRA Redirect headers date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HD2S3GMB89ETYW7E3XJA27RF-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 26 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /react@18.2.0/umd/react.production.min.js cache-control public, s-maxage=600, max-age=60 cf-ray 818547e418d32c2f-FRA
GET H2	200	react-dom.production.min.js Show response unpkg.com/react-dom@18.2.0/umd/ Redirect Chain https://unpkg.com/react-dom@18/umd/react-dom.production.min.js https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js	129 KB 43 KB	34ms 34ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/react-dom@18.2.0/umd/react-dom.production.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 24876633 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01GNXCXR0H9CRD0TR8XFWK0H8R-fra server cloudflare etag W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 818547e458f72c2f-FRA Redirect headers date Thu, 19 Oct 2023 01:34:48 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HD2S3GMA1D36G90YCWJA0HJW-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 26 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /react-dom@18.2.0/umd/react-dom.production.min.js cache-control public, s-maxage=600, max-age=60 cf-ray 818547e418d12c2f-FRA
GET H3	200	signInCombo-2.1.umd.js Show response pwe.epochbase.com/libs/	233 KB 74 KB	156ms 120ms	Script text/javascript	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/libs/signInCombo-2.1.umd.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-19213af036895b8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash d4f1a536283cbb2fa387da28a60288f71e6c00c1e979634875a1584ebfd03fb0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip via 1.1 google last-modified Wed, 18 Oct 2023 15:22:16 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/javascript; charset=UTF-8 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	204	current prebid-match.dotomi.com/match/bounce/	0 104 B	98ms 26ms	Image text/plain	2a02:fa8:8806:21::1720 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 5045	2 KB 2 KB	19ms 19ms	Image image/png	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 00:18:29 GMT x-content-type-options nosniff age 522979 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Fri, 20 Oct 2023 00:18:29 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5045	15 KB 15 KB	21ms 20ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Sat, 14 Oct 2023 02:58:03 GMT x-content-type-options nosniff age 427005 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 13 Oct 2024 02:58:03 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5045	15 KB 15 KB	28ms 28ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 12 Oct 2023 18:06:30 GMT x-content-type-options nosniff age 545298 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Oct 2024 18:06:30 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 5045	102 B 135 B	33ms 33ms	Other text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7956486dd31238e819d564dee08fc42828096ea72e5631a10d897be9340f5909 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=MydHw_zggsxIJuhSbyOmPv5R&size=invisible&badge=bottomright&cb=r3etjel126l2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:48 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 19 Oct 2023 01:34:48 GMT
GET H/1.1	200 OK	11338074.jpeg static6.mixi.media/img/400x300/	77 KB 77 KB	235ms 46ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static6.mixi.media/img/400x300/11338074.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash e3c593292ff6aac99a5ae7f634c3fb9f1916f4cfc2294e07ff10e3fa5b1a940c Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Fri, 13 Oct 2023 23:28:57 GMT Server nginx ETag W/"6529d2b9-2bf97" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 78960
GET H/1.1	200 OK	11323881.jpeg static3.mixi.media/img/400x300/	31 KB 31 KB	256ms 64ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static3.mixi.media/img/400x300/11323881.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 388b4ee883554412c588e73347213b78e2d6cd7cec70af5001881aecb913957f Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Sun, 08 Oct 2023 16:50:06 GMT Server nginx ETag W/"6522ddbe-1ada3" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 32002
GET H/1.1	200 OK	11338075.jpeg static3.mixi.media/img/400x300/	40 KB 40 KB	257ms 65ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static3.mixi.media/img/400x300/11338075.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 125fe9db3e975802086f92dce2c719009d92848dbc4257a9c97bb76a4edee316 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Fri, 13 Oct 2023 23:29:41 GMT Server nginx ETag W/"6529d2e5-e387" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 40920
GET H/1.1	200 OK	11335421.jpeg static6.mixi.media/img/400x300/	52 KB 52 KB	234ms 65ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static6.mixi.media/img/400x300/11335421.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash c9226220e6a4b1e2ce292a1c94bcbbe6a430643995a535b10be9247bc26a87b2 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Thu, 12 Oct 2023 23:36:24 GMT Server nginx ETag W/"652882f8-19969" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 53374
GET H/1.1	200 OK	11347508.jpeg static2.mixi.media/img/400x300/	34 KB 34 KB	230ms 63ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static2.mixi.media/img/400x300/11347508.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 749f85c4333c0ee666c03a166d97a4669a5f65679a005ccce30672a744f33c80 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Tue, 17 Oct 2023 23:46:12 GMT Server nginx ETag W/"652f1cc4-90fb" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 34377
GET H/1.1	200 OK	11321989.jpeg static8.mixi.media/img/400x300/	53 KB 53 KB	227ms 65ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static8.mixi.media/img/400x300/11321989.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash d77da70bc1538a9978dace9f7d654657614c97a10fd07ba90a902b6e5c5e8d61 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Sat, 07 Oct 2023 16:40:59 GMT Server nginx ETag W/"65218a1b-35bad" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 54509
GET H2	200	us.gif sync.go.sonobi.com/	49 B 445 B	333ms 103ms	Image image/gif	69.166.1.35 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.166.1.35 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT server sonobi-go vary negotiate,Accept-Encoding x-go-server go-iad-2-5-154 content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store, private tcn Choice content-length 49 x-xss-protection 0 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	config Show response comment.youmaker.com/api/v1/ Frame 8FE8	283 B 236 B	115ms 114ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/config?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash f97ced67877969e493747881c5f41b5f89d2b22d01f024525689197324154c36 Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	settings Show response stat.media/counter/	450 B 1 KB	207ms 52ms	Script application/javascript	82.148.14.195 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/settings?payload=COeDAxIkMDRkZGUyZDctM2U1Mi00NjVmLTgwMTEtYTk3MzI0YWMyZDNlGI3SyKy0MSIkMWZjM2MwNjctOWRjNS00NjQxLWE4YjItMzAwYjIyMGU5MDhh&cb=_callbacks____0lnwiez1m Requested by Host: stat.mixi.media URL: https://stat.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel25.imcmdb.net Software nginx / Resource Hash 8e3b5639396c43d6f91ccdb301dbd2f089ef6ca5f320a17eb480dbba5f65fee9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:49 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript
GET H3	200	config Show response comment.youmaker.com/api/v1/ Frame 83F7	283 B 236 B	115ms 115ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/config?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash f97ced67877969e493747881c5f41b5f89d2b22d01f024525689197324154c36 Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 author EMG vary Accept-Encoding app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	401	user comment.youmaker.com/api/v1/ Frame 8FE8	57 B 0	127ms 127ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/user?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google server nginx/1.20.1 author EMG app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	200	site Show response comment.youmaker.com/api/v1/ Frame 8FE8	91 B 114 B	126ms 126ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/site?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google server nginx/1.20.1 author EMG app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	200	find Show response comment.youmaker.com/api/v1/ Frame 8FE8	123 B 146 B	127ms 127ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/find?site=www.ntd.com&url=www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&id=886828&group=&sort=-time&format=tree Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5 Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google server nginx/1.20.1 author EMG app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	401	user comment.youmaker.com/api/v1/ Frame 83F7	57 B 0	124ms 117ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/user?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google server nginx/1.20.1 author EMG app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	200	site Show response comment.youmaker.com/api/v1/ Frame 83F7	91 B 114 B	124ms 118ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/site?site=www.ntd.com Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google server nginx/1.20.1 author EMG app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	200	find Show response comment.youmaker.com/api/v1/ Frame 83F7	123 B 146 B	123ms 118ms	Fetch application/json	34.120.33.89 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://comment.youmaker.com/api/v1/find?site=www.ntd.com&url=www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&id=886828&group=&sort=-time&format=tree Requested by Host: comment.youmaker.com URL: https://comment.youmaker.com/web/remark.js?v=2023101012 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.33.89 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 89.33.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5 Request headers x-provider-token youmaker x-xsrf-token accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 content-type application/json accept application/json Referer https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&url_id=886828&page_title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission&provider=youmaker&token=&theme=epochtv&toolbar=false&max_shown_comments=10 x-access-token x-site-id www.ntd.com Response headers app-version 0.1.2 pragma no-cache date Thu, 19 Oct 2023 01:34:49 GMT via 1.1 google server nginx/1.20.1 author EMG app-name remark content-type application/json; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	ActaDeck-Medium.otf cdn.epoch.cloud/assets/fonts/	51 KB 51 KB	91ms 27ms	Font application/octet-stream	2606:4700:e2::ac40:8c0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3373 alt-svc h3=":443"; ma=86400 content-length 51776 last-modified Wed, 19 Feb 2020 18:57:39 GMT server cloudflare etag "5e4d8523-ca40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY4LMC9LQ5TjGcF72wIFF1rkwKEBF%2FqSxD4iymEYmIDpaJI5Tw087nbb2cH%2F877hm0OO6LGErdfS8Ex%2BgVSG2im837MqiuOQ8%2FYhbmmPjT8YGlfGVnB0bgW7hMed6ipifpTAJW2KyJp4HdZ%2FGl8%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 818547e73a0b1911-FRA
GET H2	200	RingsideNarrow-Medium.otf cdn.epoch.cloud/assets/fonts/	123 KB 124 KB	294ms 231ms	Font application/octet-stream	2606:4700:e2::ac40:8c0e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c0e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55 Request headers Referer https://www.ntd.com/ Origin https://www.ntd.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:49 GMT cf-cache-status REVALIDATED last-modified Tue, 07 Jun 2022 20:08:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "629fb029-1ed24" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGmoX4%2Boy9LJ9LsXEXBBn0EpEFlklkt9YjVoLn%2B8ZiUYx7wxx%2FqLdMkQl0WI5%2BYeYGjTGRyCQ0rFaq3l2muxGhTXC7CLSwIwTxDGN4%2BDrO1by6T%2FSX2FfPThqEhbz8TyoEFHYdSJd1SlAEq0cuM%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 818547e73a0a1911-FRA alt-svc h3=":443"; ma=86400 content-length 126244
GET H/1.1	200	/ mixi.media/cookiematching/	43 B 882 B	109ms 108ms	Image image/gif	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDA0ZGRlMmQ3LTNlNTItNDY1Zi04MDExLWE5NzMyNGFjMmQzZRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjk3Njc5Mjg4NTg5GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDFmYzNjMDY3LTlkYzUtNDY0MS1hOGIyLTMwMGIyMjBlOTA4YRoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1697679289481 Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Pragma no-cache, no-cache Date Thu, 19 Oct 2023 01:34:49 GMT Last-Modified Thursday, 19-Oct-2023 01:34:49 GMT Server nginx Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive Content-Length 43 Expires Thu, 19 Oct 2023 01:34:49 GMT
POST H/1.1	204 No Content	view Show response stat.media/counter/	0 135 B	153ms 50ms	XHR text/plain	82.148.14.195 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/view Requested by Host: stat.mixi.media URL: https://stat.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel25.imcmdb.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * Date Thu, 19 Oct 2023 01:34:49 GMT Server nginx Connection keep-alive
GET H2	200	lc2.js Show response b-code.liadm.com/	45 KB 15 KB	86ms 22ms	Script application/javascript	2600:9000:223c:b400:8:8845:1500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-code.liadm.com/lc2.js Requested by Host: s3-us-west-2.amazonaws.com URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:b400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c72af8036033d41652b869c8643dabe96165401e7fd0442c5a6463d7ec36ae58 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 19:12:51 GMT content-encoding gzip via 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 22918 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control "public, max-age=86400" x-amz-cf-id fLVCehSTbt8eRjmxBRjLAdLBHUYtHgr0HzoMRwEOrE5UNfu21Qqlyw==
GET H2	200	j Show response rp4.liadm.com/ Redirect Chain https://rp.liadm.com/j?dtstmp=1697679289718&se=e30&duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&tna=v2.9.2&pu=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religio... https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&tna=v2.9.2&dtstmp=1697679289718&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-...	13 B 318 B	364ms 117ms	XHR application/json	54.82.5.116 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&tna=v2.9.2&dtstmp=1697679289718&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&i6=MjAwMToxYWY4OjQ3MDA6YTA2OTozNTo6NA%3D%3D Protocol H2 Server 54.82.5.116 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-82-5-116.compute-1.amazonaws.com Software / Resource Hash efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT x-pixel-event-id 1e94db7e-df9c-4abe-bc16-c23b2646ba65 access-control-allow-methods GET content-type application/json access-control-allow-origin null access-control-expose-headers * access-control-allow-credentials true content-length 13 Redirect headers location https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&tna=v2.9.2&dtstmp=1697679289718&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&i6=MjAwMToxYWY4OjQ3MDA6YTA2OTozNTo6NA%3D%3D access-control-allow-origin https://www.ntd.com date Thu, 19 Oct 2023 01:34:50 GMT access-control-expose-headers * access-control-allow-credentials true content-length 0 access-control-allow-methods GET
GET H2	204	72731 Show response idx.liadm.com/idex/unknown/	0 309 B	468ms 113ms	XHR text/plain	3.209.140.19 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hd2s4b7vrs0zgde4ksxkc2pr&resolve=md5 Requested by Host: b-code.liadm.com URL: https://b-code.liadm.com/lc2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.209.140.19 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-209-140-19.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers access-control-allow-origin https://www.ntd.com date Thu, 19 Oct 2023 01:34:50 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true trace-id c80a62d0486e45a7 vary Origin request-time 2
POST H/1.1	204 No Content	view Show response stat.media/counter/	0 135 B	50ms 50ms	XHR text/plain	82.148.14.195 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/view Requested by Host: stat.mixi.media URL: https://stat.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel25.imcmdb.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * Date Thu, 19 Oct 2023 01:34:49 GMT Server nginx Connection keep-alive
GET H2	200	/ Show response a.clickcertain.com/px/ Redirect Chain https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html https://a.clickcertain.com/px/?c=2455d1796b86efb	4 KB 2 KB	136ms 136ms	Script text/javascript	2606:4700:20::ac43:4acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.clickcertain.com/px/?c=2455d1796b86efb Protocol H2 Server 2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36b26bff67cf98a842585c857ed0d4f627a92eada606c9225f4490d1ba8e9bee Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT content-encoding br x-frontend cc-nginx-576bff674-jclcz:cc-nginx-576bff674-jclcz cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-requestid 2e1d2922-12d4-4b7a-b614-d333736d2dcd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fLfIvSi18dgmV%2Fj%2F0XpTCqgCkHBSxgSDnNXPNBXD3q8eFrc2RPAejZlVB%2Fip4bZHD28EEPcEuLaO1PAYfx1gh%2FSmVUuPk0ErHLCqyh%2BFlXcEGT%2Bzol0ihQXDmuqwdJZDJh9ma0axk%2FdSDSaSF5ZuA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 818547edc89435e5-FRA Redirect headers date Thu, 19 Oct 2023 01:34:50 GMT x-frontend cc-nginx-576bff674-jclcz:cc-nginx-576bff674-jclcz cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-requestid 110b2a68-6942-4fcb-bbc3-74feb7bd6b1a report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BNM%2BB9LyAa6rMNXLPuxvN2WkVi5zraZEqSdEHemWnNwt8oo2HQAk3NvTFP%2BRX6bjleeLyCyRYuWFWxMDXJulW7Yea%2FLahrdPN9sYhG7P7gRna26WKAz4%2FCJwMnf4IFDI36%2FyOam6Le8u9WXIPAZTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript location https://a.clickcertain.com/px/?c=2455d1796b86efb cf-ray 818547eb4f3735e5-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	29 KB 13 KB	410ms 410ms	Fetch text/plain	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1494812202174089&correlator=863175747021568&eid=31077978&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_below_end_336&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=1&didk=1561866748&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697679290126&lmt=1697672090&adxs=459&adys=3910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&vis=1&psz=835x4329&msz=300x0&fws=4&ohw=1600&ga_vid=188089566.1697679289&ga_sid=1697679290&ga_hid=1488784425&ga_fc=true&dlt=1697679287993&idt=834&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=2418553208&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef548bf3c205a100214e2806fa9cc137ab0f19d9b8ee893da992ca0328cc5da3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12915 x-xss-protection 0 google-lineitem-id 6394359787 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138449453847 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	104ms 36ms	XHR application/json	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310120101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47fd92f8579fec8de933e57667781610492e04bd23ddf001c62bf77bdedc9b5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12210 x-xss-protection 0
GET H2	200	container.html Show response cbb0f2d37cf387aece277a6e34bc743a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C23	6 KB 3 KB	90ms 28ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cbb0f2d37cf387aece277a6e34bc743a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 19 Oct 2023 01:34:50 GMT expires Fri, 18 Oct 2024 01:34:50 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	29 KB 13 KB	591ms 591ms	Fetch text/plain	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1494812202174089&correlator=863175747021568&eid=31077978&output=ldjh&gdfp_req=1&vrg=202310120101&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&didk=3691724842&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697679290143&lmt=1697672090&adxs=1069&adys=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&vis=1&psz=370x6032&msz=300x0&fws=4&ohw=1600&ga_vid=188089566.1697679289&ga_sid=1697679290&ga_hid=1488784425&ga_fc=true&dlt=1697679287993&idt=834&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&cust_params=site%3Dwww.ntd.com%252Cntd.com&adks=1165351140&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4f42c59d7fd4f12dfdf3fa0fb7b479e31c5c7d9be86647461f416be5ab285f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12965 x-xss-protection 0 google-lineitem-id 6397678440 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138450608988 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	104ms 28ms	Script text/javascript	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 19 Oct 2023 01:34:50 GMT
GET H2	200	p.gif p.alocdn.com/c/vn3d8u2u/a/etarget/ Redirect Chain https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C... https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...	42 B 351 B	195ms 195ms	Image image/gif	52.88.122.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25222c0ab79e-41d5-4f37-a216-5b470c5896fa%2522%257D&title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tdc=1 Protocol H2 Server 52.88.122.74 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-122-74.us-west-2.compute.amazonaws.com Software nginx/1.20.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" date Thu, 19 Oct 2023 01:34:51 GMT server nginx/1.20.1 content-type image/GIF Redirect headers location /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%25222c0ab79e-41d5-4f37-a216-5b470c5896fa%2522%257D&title=CCP%20Continues%20to%20Persecute%20Falun%20Gong%20Adherents%3A%20US%20Religious%20Freedom%20Commission%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html&tdc=1 date Thu, 19 Oct 2023 01:34:50 GMT p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" server nginx/1.20.1 content-type image/GIF
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5582	13 KB 5 KB	21ms 20ms	Document text/html	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 12094 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 18 Oct 2023 22:13:16 GMT expires Thu, 17 Oct 2024 22:13:16 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 4536	829 B 558 B	31ms 30ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 62539b902fbf308b37ab580bd8cbdc188b7d405984e0417d37f03c26ba45f3f6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-doioIel8D4Qc1UNucOxiJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-doioIel8D4Qc1UNucOxiJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 19 Oct 2023 01:34:50 GMT expires Thu, 19 Oct 2023 01:34:50 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 4536	0 0	94ms 54ms	Image text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310120101&jk=1494812202174089&rc=null Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H3	200	4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response pagead2.googlesyndication.com/bg/ Frame 5582	37 KB 14 KB	60ms 20ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 18:03:18 GMT content-encoding br x-content-type-options nosniff age 27092 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14648 x-xss-protection 0 last-modified Tue, 10 Oct 2023 07:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 17 Oct 2024 18:03:18 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 5582	0 10 B	20ms 20ms	Image text/plain	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?xbpFAA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9155	0 0	60ms 59ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuj0tZ6cWw6g2t42aIIs018GrB6Ha_Bzfu6O3rqBJ5N5c6JHxcg0Z-VAyAMXo_VnvzHaNiekYWQPv2KA_0DSd4hYnYAqWq4SPdYpUkYvX8ZDSo3taSCSA8VEjDjlK5pIN0NTWm-lhYLelu9TSuDtY4HXYxsGGCaQtIHDmy8oJ6QGxjrBBTxxdVF_uHoZ12l4WhkdY3fCpbZqzR1RGLMKNUmLrpJmjSKby36pgnfL53k0MuXpajDuOhR3PVETgm3sIPtuyYtFdlpF7KaZKlgwTlXOp89Mbk6h_Xf9TtmIYA_FK6E8r0llV3v5vEepQdGsLMwyrEXJ2A7oKL-oz9WiyhHzavXzBi6qv8ohq9Jsf1lmXxdPKxy-hnvgZDAv5jD1ZG6hlBIo4EJJzJMbV8_obDocZykIkzG&sai=AMfl-YR2uOIoDaLyHLmtJGNIE5flNSr5vuwhKrrJx4mp8J3duRzV7533LU1xkpNPanNG9-Pade7bcUMAZrPt3D4o9XblFBhgDBh_VlTZXNyGGezPF6Sb1AmNFfcTayGAfyr0jqqmCQh8pT4Ev-A1Rso&sig=Cg0ArKJSzFJRg6CYJrsoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 19 Oct 2023 01:34:50 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9155	187 KB 59 KB	691ms 690ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60178 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697628223465749" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 19 Oct 2023 01:34:51 GMT
GET H3	200	10447005650137036669 tpc.googlesyndication.com/simgad/ Frame 9155	98 KB 98 KB	21ms 21ms	Image image/gif	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10447005650137036669? Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 43a82a2f677f4f8ba175fd7d39dca2a747a7c9a5eb3dc0184064ffd25d65a958 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Fri, 13 Oct 2023 22:45:28 GMT x-content-type-options nosniff age 442162 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100491 x-xss-protection 0 last-modified Sun, 08 Oct 2023 01:15:11 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 12 Oct 2024 22:45:28 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 352D	0 0	61ms 58ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz3fVnfgLyyWTXv2M9OfQOFVz7KtlA5BPkxVujmwPWHFizYHxK9SjPZQZiGTo6WWceyprWiaAEjGIQAtLD3wXBiXRtZpsrvwQW08_VwVgPv_IHLYIIskp9jKtDPdXV68d8wAEV9e6CbB8RZbCzj-jiVZ7htpn8Ob3g6dt8mXl3Sh4DvrGN7InvEq9gF_2pZzPtU4TnDo8y87OG-_RyYnubpUEtyjoar_CpKa2gT3GXx73I4GNHLRYK7adS4jdm_DfwLFGr0C6njtoQze7xTGN3LX1HsdtjvMgD2QFySE5-nz1d0a0xZv-PFQRhqAtzEd2YFXzTUXXYE1xhc7X_AikfpzxkGWpCp-F_5UWNAePc1_Xp2HUNwYO9x46C7Q&sai=AMfl-YS1MQKuIs35V2EjcOx2UYzu8mW3spDwnPgwhLIj0Qx-_WLq5OQCZtabc_RVsrsFWe2UeIA3fAJUPxSqOC7UkVUAkQi9_y2yShK2mNE7PNjNyM5F4DYerB1QHrNYX3u1FA7VpORSfqHBigLiUas&sig=Cg0ArKJSzNkoGTJ-kiJdEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.ntd.com URL: https://www.ntd.com/ccp-continues-to-persecute-falun-gong-adherents-us-religious-freedom-commission_886828.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:50 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 352D	187 KB 59 KB	514ms 510ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60178 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1697628223465749" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 19 Oct 2023 01:34:51 GMT
GET H3	200	10124496612077492674 tpc.googlesyndication.com/simgad/ Frame 352D	29 KB 29 KB	23ms 20ms	Image image/jpeg	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10124496612077492674? Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310120101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98fc3ed31a41ff686cce88eab671ee18e34d2f42af76245c9f6ec0cb71e0f673 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 14:01:53 GMT x-content-type-options nosniff age 41577 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29762 x-xss-protection 0 last-modified Wed, 18 Oct 2023 13:31:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 17 Oct 2024 14:01:53 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	59ms 56ms	Image text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310120101&jk=1494812202174089&bg=!NDelN3jNAAbFpEfJ5aQ7ADQBe5WfOJGTNlrzVuT4My3b3WJweMQccMjDa9hf_Y8ALebmDd2Ip6mTvO314YqhzTedlq4PAgAAAEFSAAAACWgBB5kC4CHNwXy3LvZktnguQXoAL6kcZKduSkSqx7u09mj-OaPMVE6G7Syrrhnai8R-b_mkFaB1k3VE1z4uU2mGpHSjiLUuFnO0T2oxVC-WpJKrW0QkrzGvuGeoVi3w0IRjEWjUZsHCwohjqAWbgVKEVuDeGOEKDMauZeNseovgG4ailmDyb34rSU8Zp1fsk4RrQfeiMCa9OitpjJE3IaNCjyCdLmiRXKYzr-LlitlETq_DAgNyOfJVDwQ2jkx9FoVaMF1elihwGZNUe-Pzw8W7BrXLSFnUAQuiXwC1BcpWhwtnHc4byUe9q5emqRt1cQkblJeUhU1K07j7wIVcqAAvx5WJf59RwGlm6VKql-QSnkcqo_g0fQppepLi8GBxAoUyCZcbcfZrIDnJUqPEG4FEYYU533xM2Lm18iZeQ7BW5QLXf02N2Fbke-ZWxS1ANir5utjs1KkCTbmI4yZ8KPbVKclTFTNtN3Z_BvVkJytRSwN892tiBgPe-8dzuk8Dt2RJhRHRcrxxN08_vRUYaPrmTgOG0PzXMm9ffjNKWYZHOzg9kxRo30sore0hNdAxfr9m8xxGGI5wnrEdIfFqfSlYlToGcdyxaRqcCxd8pwh5RbtrDZjk_lh2t060baPP1gMnMDBkhJSZgUK7giyMCQuIBiHJX9hzUHBxe3QNmXxXnvb3HMIIKO8_-mTmkFLHCIIXAxM5_s3n6BkKDs5cnGTaSQsSjmFBhcbjoVEaG4Ud7aoAIqBB4yJohN3HWUy-TYk3_uDwzpks1Wrz4FGlGIwzYWwUuwhnqa0wC0qREHOw4c1AhJljJp1LA21CqvRFqEjeIbREm6SR7egSwIJuGh9J-87KtXevT2XjLLXjaBV0w0HDL83E5Q0jx2MiRYuFJdgwS2kJGpZ51Eb0WGUp8eK2ClaReB0EVcngjoHMVLskKNHrdG1fpMCySJerJVqXpCBsWMTh9LsjAyXqdP8m5fEYTUApyIk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9155	0 0	100ms 59ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq0u6rfMIEPD68-kc5W554RYDedh2XjeEQgGX68PKsLK4GxbVR_y34wXASjx3zXkVX-WWApQzg5wuBS48ZVJXGRCYYjYm5XT_ZSMX-IEoNZ1wt5JI0OBYWGSYDJCDRbjqBrzAvNJ3tODCjkSvdR5ru6_w2A0v1RP6CHbYDjw_yq5cfqzR9gip-BdnLk5E-k-wBO2lt5uIUr-RC1SviT3H7cOoibjJRQIjLN7YEGvz9wHQcS426vRJ-_J0WPqwtrAajhP35QlfllwUtTLdwU_t5ioi0uaQceaWXqeuUjxCjGoxPVdvTwVjete7Jk17QOEz-dOD8brvNkwYioziKYxBE36qbL7-_UqUJUwGSi6vWr_kx630TkPoECmIJyA&sai=AMfl-YSNR65kmJP0pv-ugGFc_89iiuJdBdfitDHIaAbKq1DKZXTwsY8qETB6lOstnJgyreXpyWF3pmiHYzWtw4rcMD2LxOCQd5O4Rt4W_zyQmO6drlilD0T6g_VCcGL_RrcHJJP9T9NnmkAs8zE0Q7U&sig=Cg0ArKJSzCBMu-zzLMv6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 19 Oct 2023 01:34:51 GMT
GET DATA	200 OK	truncated / Frame 9155	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 97fbcaca4ccd29cbbca419650dba480f0e94c93e6d6fb9ab4511b961e2d9a682 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 352D	0 0	80ms 58ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLQugY9qtArkmyIWupZoOr-EKbgyUIwayVfRPLCxunOjrvFOF7zR0ZbCFAh-fL7xxWgE8iWJ_sGdb-EQ4uGgG9Wv7xJ9Of-JoNvwkRzfFDYkG4ZxmtAv4aKeqMhlB_wt66CS37RhbkF4iZI6j8Qz1KdgXkmmDABjcCPylkC9L8yKjBNN_EZy2AZ7lsQjq2abGpiUp71rDKgWxZunlh4yvp9509tHkIznH1NfKaGsrgBfOAg_4rnzo8MpIK8SmGHoXE8rfSiLvjbSFvPsp0JJgx-7BtKPZA2lLyurAseabjGo-QE6X37KDYoDPefTwkSUpht6JTSTgCZtAe_IA7wnJkCYGrJwVEs2iXxJMSVlOsMw&sai=AMfl-YQFaoQZb6U1gcODmHxlz6rRJjuLnV6LSgEYIdtY7TAkif75ziliKum4gVtmzi_Kt2w9NWhmbqYns5pxF4vnFYc_naMC9NG2GZ4j7dvUKpkPPFxgmoRfBtkpTiPdQvBVyoZzEhIh5jBsWxw70p4&sig=Cg0ArKJSzMMMCPbXXg3JEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 19 Oct 2023 01:34:51 GMT
GET DATA	200 OK	truncated / Frame 352D	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c736b48e971cef02152628a4d161e8c950e91e3dd16def4bf4a69d7fb8ca8cdf Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame 4514	3 KB 1 KB	85ms 29ms	Document text/html	104.18.25.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 681 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 818547f3bfad4d54-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Oct 2023 01:34:51 GMT expires Thu, 19 Oct 2023 05:34:51 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame A295	281 B 554 B	78ms 21ms	Document text/html	95.101.149.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-149-233.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Thu, 19 Oct 2023 01:34:51 GMT ETag "4014f-119-6051b805b8000" Last-Modified Mon, 11 Sep 2023 20:52:16 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame CCE1	52 KB 17 KB	66ms 14ms	Document text/html	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 56342 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Thu, 19 Oct 2023 01:34:51 GMT ETag W/"623de86a-cf34" Expires Sun, 01 Oct 2023 09:55:16 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 2870, 384197 X-Served-By cache-lga13626-LGA, cache-ams21058-AMS X-Timer S1697679291.473192,VS0,VE0
GET H2	204	/ onetag-sys.com/usync/ Frame D62D	0 0	22ms 22ms	Document text/plain	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1697679288930 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store strict-transport-security max-age=15552000
GET H2	200	ixmatch.html Show response js-sec.indexww.com/um/ Frame CEFD	3 KB 2 KB	81ms 28ms	Document text/html	104.18.25.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers age 681 cache-control public, max-age=14400 cf-cache-status HIT cf-ray 818547f3bfac4d54-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Oct 2023 01:34:51 GMT expires Thu, 19 Oct 2023 05:34:51 GMT last-modified Mon, 25 Jul 2022 19:18:19 GMT p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 9AD6	52 KB 17 KB	63ms 13ms	Document text/html	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 56342 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Thu, 19 Oct 2023 01:34:51 GMT ETag W/"623de86a-cf34" Expires Sun, 01 Oct 2023 09:55:16 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 2870, 377414 X-Served-By cache-lga13626-LGA, cache-ams21039-AMS X-Timer S1697679291.473146,VS0,VE0
GET H2	204	/ onetag-sys.com/usync/ Frame 4B18	0 0	23ms 23ms	Document text/plain	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1697679288930 Requested by Host: i.ntd.com URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store strict-transport-security max-age=15552000
GET H2	200	bounce Show response ib.adnxs.com/ Frame 9AD6 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 644 B	14ms 14ms	Script text/html	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT an-x-request-uuid dbc63dae-8757-4717-9a6f-6f9793db3813 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT an-x-request-uuid df1b8d36-4897-4967-bb77-17eb490af492 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	bounce Show response ib.adnxs.com/ Frame CCE1 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 643 B	14ms 14ms	Script text/html	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT an-x-request-uuid 4bd252ba-9543-4d9b-b912-9fcdedccc58f server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT an-x-request-uuid b2f01d58-e9c2-4513-9578-9c664ee28158 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels cache-control no-store, no-cache, private x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame A295	41 KB 11 KB	20ms 20ms	Script text/html	95.101.149.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-149-233.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash ed8f1d2925159bd34d1110ccdc537a7436c570fe48119a005869d46a6014987a Request headers accept-language nl-NL,nl;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Date Thu, 19 Oct 2023 01:34:51 GMT Content-Encoding gzip Last-Modified Wed, 18 Oct 2023 17:36:42 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=57662 Connection keep-alive Content-Length 11124 Expires Thu, 19 Oct 2023 17:35:53 GMT
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame E659 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 868 B	37ms 36ms	Document text/html	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7187420e770e79ab487aa19a8fdb5d0eebbcd73af86d2e353ea0d72b4f2cfd3 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 818547f45965bb3e-FRA content-encoding br content-type text/html date Thu, 19 Oct 2023 01:34:51 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBDKrR1jNHqsWmYTLsFXjNZ0y1qhge8CgohIqcVYxitZ4Xm3bRBXXilz%2F4U7fqLp6kPfE9Dhx5R%2FM2k3o%2F381gRi4huua36%2F9ceJte%2FAl%2FuDJxO0Zb1pNjE3ihk58%2BJp1BbcjNxH1ZRQWg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 818547f4294cbb3e-FRA content-length 0 date Thu, 19 Oct 2023 01:34:51 GMT expires 0 location /usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs3aK6APu4KGtADW29FDIUT6Fj1Cc%2F0YZyRyKmdnXRFcDKVBeIBFXp7FDNkfbtURfopTRk9N3J17iwub%2FVWZnmSS5g3DHGvd5iKEvlZ4jJfm2zCS%2BaBMlW25WCDQ6VKWJfieEntIhiTwKg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	usermatch Show response ssum-sec.casalemedia.com/ Frame D54B Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 898 B	35ms 35ms	Document text/html	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e51b20cc5a324e88ffc3965d0ef3006678ef087df9943587cb9fc4c4af52075 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 818547f45963bb3e-FRA content-encoding br content-type text/html date Thu, 19 Oct 2023 01:34:51 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LltoKH%2BQyvYh0jY27FcRCEcWcEbAIMpRUSYSLMlN7P2NrzN%2FaDP8s3%2FeWGOqHCM8st2e0RKMFqTX%2BHCpk53S5qMMtfLIDxwR2cj4%2BFldcVH5DUSGjaIEMwh0G9tqA5KNAoab5D8O6zWxmA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 818547f4294dbb3e-FRA content-length 0 date Thu, 19 Oct 2023 01:34:51 GMT expires 0 location /usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ky22JS%2FRmdH7I6P9Y5aw9dea6H8n%2F%2FoFdeVEPlY2bhvcNZSoDl%2BrjumlfUkgJZAKdsE76J%2BFwhJccMB%2FSrAD0INks4vNVd6O1JG6fyzkGcacWbiqFv4dhT7BE0a1nw4afme4gcLVCDCHig%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	khaos.json Show response token.rubiconproject.com/ Frame A295	7 B 380 B	144ms 21ms	XHR application/json	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://token.rubiconproject.com/khaos.json? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628 Request headers accept-language nl-NL,nl;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type application/json; charset=UTF-8 access-control-allow-origin https://eus.rubiconproject.com Cache-Control no-cache,no-store,must-revalidate access-control-allow-credentials true content-length 7 X-RPHost 54ae5f20a7acdd83fd00ddb00e96a2c1 Expires 0
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame D54B Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gpp=&gpp_sid= https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gpp=&gpp_sid=&dcc=t	43 B 855 B	130ms 130ms	Image image/gif	52.46.155.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gpp=&gpp_sid=&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:52 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid EGN4783YT229HP5DVQFY Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:52 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid BRHDN3BX2TYWRDMSJYJX Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gpp=&gpp_sid=&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame D54B Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTCHu6Qla4aoTPRuDlVlzAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1	43 B 733 B	33ms 33ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyiONGGh1OY6B3EJfqg7i9m4R6nFfOSnLjjdI0G7bH%2FtcMXI1BzzRJ6LHUK1aumbzpDzvCtTUBbiqWPvF44KbvFXjvbN6GuPltnZB4jUegBlZazqvS6XvcDxpvt%2B%2F8mjTDeclDWd6olR3A%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f52a52382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame D54B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTCHu8rNkhzJ2XD2iXcN4wAAFGYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1	43 B 731 B	36ms 36ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTdmM9nIyVjUy4%2BTYgkx9kiy8X9x%2Bf61p4gVjAUHVaefauY7505ptem9QOM6uUr9MZ1TZKatamuLh5Pn%2FenxdZBu3No1CwMCp7wFqSEbqsqProm8i0hYHUqCLXqO0TOKz34tMLuYzcG8tw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f52a50382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 364 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame D54B	70 B 149 B	102ms 30ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	crum dsum-sec.casalemedia.com/ Frame D54B Redirect Chain https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI... https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=	43 B 744 B	35ms 34ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AAFDBmp%2FMJ0uCoZM5ESS0E%2BF3H1HTMlGayoKwpUD55GDLXSzyY%2FaZixw%2FJvk%2Fcxgyx6IHnvY%2Bx%2F5H0A%2FF8CPB1CsMMoOo3UWUPinLSH%2F%2FiMOR48azBCR8uo%2BYiMtQWz2lryNUv3Z4yefQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f51a4b382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent= date Thu, 19 Oct 2023 01:34:51 GMT access-control-allow-credentials true x-powered-by Express keep-alive timeout=5 vary Origin content-length 0
GET H3	200	crum dsum-sec.casalemedia.com/ Frame D54B Redirect Chain https://cm.ctnsnet.com/int/cm?exc=19 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4f2287bcde9849348fb78aa8b55f0026&expiration=1700271291	43 B 729 B	34ms 34ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4f2287bcde9849348fb78aa8b55f0026&expiration=1700271291 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckK8hMWx7ieY5KOb7JSZgQZieDbnvNNKkFAtofgMJlnO26CShoAWaQdgwEZ%2F4LYSyJmxLx4X9semuoaJQHjfZO9Giw27XtHQMq4LubL0q7CC3SR7PFYkgOis8udgDgORtuX8ZGy1HTlWzw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f4fa35382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:50 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=4f2287bcde9849348fb78aa8b55f0026&expiration=1700271291 content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	crum dsum.casalemedia.com/ Frame D54B Redirect Chain https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e3dbc73-01b6-6fe0-01d91757	43 B 726 B	34ms 34ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e3dbc73-01b6-6fe0-01d91757 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4tuLIdux6zUpMaGHyN5rM8E6CZSh2AT%2Fao7lulmF0MmIveFI%2F%2FE65o5shhuBTihGfx%2FgqAS56PJlbVTrpFKBoYhYrUTQnrIx5DjBdrk%2B2nFbKby8TRQTAn8y0YnUk%2B4QuBLTtf4"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f59a86382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers date Thu, 19 Oct 2023 01:34:51 GMT via 1.1 google server nginx/1.24.0 p3p CP='This is not a P3P policy!' access-control-allow-origin * location https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4e3dbc73-01b6-6fe0-01d91757 content-type text/html; charset=utf-8 cache-control max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 119
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame D54B Redirect Chain https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZTCHu8rNkhzJ2XD2iXcN4wAA%265222?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTCHu8rNkhzJ2XD2iXcN4wAA%265222	42 B 942 B	33ms 33ms	Image image/gif	52.17.210.114 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTCHu8rNkhzJ2XD2iXcN4wAA%265222 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.17.210.114 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-210-114.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v052-090d39cdd.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 37N5333dQQU= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v052-0119dd7b3.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID AWulbvG/Qy4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZTCHu8rNkhzJ2XD2iXcN4wAA%265222 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame D54B	43 B 229 B	39ms 26ms	Image image/gif	104.18.25.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?ZTCHu8rNkhzJ2XD2iXcN4wAA%265222 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 60695 etag "902a3d-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=86400 accept-ranges bytes cf-ray 818547f4a8244d54-FRA content-length 43 expires Fri, 20 Oct 2023 01:34:51 GMT
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame E659 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1	43 B 743 B	33ms 32ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2%2BmY41gqmXW%2BUtoYuFvFCYwYFRBDpF7wSjT4cXD%2FwnkM6cGrvvu%2FB%2FL61DqwEMZ6xX%2F0QzeqNH30zI9Ow3JEYCLjFjKrbuSNyysKrP0oCk%2FeokECGAD09w%2B2mZdZPrnk%2Fy5OL8xopxRnQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f52a4f382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECAlHbGnyXnE9mApnK-kDlI&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 364 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame E659	70 B 148 B	100ms 30ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT server Kestrel content-length 70 content-type image/gif
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame E659 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gpp=&gpp_sid= https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gpp=&gpp_sid=&dcc=t	43 B 855 B	122ms 122ms	Image image/gif	52.46.155.104 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gpp=&gpp_sid=&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:52 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid KB05JASS0RDWVD9FESXY Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 19 Oct 2023 01:34:51 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid YBQ96C5ZKZA2Z0YXH6PT Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTCHu6Qla4aoTPRuDlVlzAAAFFkAAAAB&gpp=&gpp_sid=&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	crum dsum-sec.casalemedia.com/ Frame E659 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTCHu6Qla4aoTPRuDlVlzAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1	43 B 738 B	34ms 34ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BoX2PJCrvb9%2B%2FS1Y8sEPNtBPKTTDPXOP1WAhft%2Fm9Wy1gbskuR3jt9ilRYcvXmnrCd7GSlIbVCA14C7KskL7wztGt%2BlHFgFLhxSVem6RqPXTZ7nFZgAi%2B3KZH2qqaiCuT5g3Avvr%2B1JZA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f52a54382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELG_A1LmGPNY2sBCM7D9l20&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame E659 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZTCHuwAAAbS8XQA_ https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTCHuwAAAbS8XQA_&_test=ZTCHuwAAAbS8XQA_	43 B 730 B	32ms 32ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTCHuwAAAbS8XQA_&_test=ZTCHuwAAAbS8XQA_ Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVNvoi%2FtD8a6yA34ykXsBmT47UP0ghL4L06pG6MoKlYHphx3EcbqfuTz0Z2YffQyt0Xp1bIORr0M4dJdG8JFoTsSV44kPTqa%2BYM0oFM5ignKXRsgLm%2F99upXPmj6U2Zrlc9DX8ac3O8ZPA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f5aa8c382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers x-served-by cache-ams21080-AMS pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT via 1.1 varnish server Varnish x-timer S1697679292.766173,VS0,VE0 x-cache HIT location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZTCHuwAAAbS8XQA_&_test=ZTCHuwAAAbS8XQA_ cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame E659 Redirect Chain https://ad.turn.com/r/cs?pid=21 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505426074670185659	43 B 730 B	41ms 40ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505426074670185659 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34iFRTOBL93Cpg2r0UnZhrkOFtSeTDmMi26FfSTowpDo5dXnE9CYpI9DKRMeFqzLPLA6ak7sMnwdHAxaf2cXkmXmaEG4BUIf7v8uq0iowpm4YqohbO9PUzHuK%2BxRP0wdD9Q6c3T%2FKPRjyA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f50a44382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7505426074670185659 pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H3	200	crum dsum-sec.casalemedia.com/ Frame E659 Redirect Chain https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=32A81DE43E344DE59EC0AE038847EB2A	43 B 771 B	32ms 32ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=32A81DE43E344DE59EC0AE038847EB2A Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Wx7bmSxgBaQY4yR%2ByBV2o0jf4cP6%2BWBJD6rrGwXwanv4iKDGnWFrNbivc1cIyfUzx4BogdveUJC5S7y38ZeVNZRtrvLyDkO9ozOR1CISWUfYX7tIur%2B4GtfAjbyA6FURR%2Bof%2BAYcnbmpA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f50a36382b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers date Thu, 19 Oct 2023 01:34:51 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=32A81DE43E344DE59EC0AE038847EB2A access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Wed, 18 Oct 2023 01:34:51 GMT
GET H2	200	crum dsum.casalemedia.com/ Frame E659 Redirect Chain https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1067303616888211285	43 B 354 B	46ms 35ms	Image image/gif	104.18.26.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1067303616888211285 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Server 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsfKe%2BJfodLfs7Lz7WK1u1r%2BguuTXg6%2FonRLo2LOKQ48Muskkb4j12MzaQ5YLsFXOYL1AUi9kQ0G%2F%2FKLfhFXO4vc6rds0icsXUTGO7R2HiQ1PNQf%2FVemdEDt9i4ARNbW%2Be7FNC0E"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 818547f4c9aabb3e-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 19 Oct 2023 01:34:51 GMT an-x-request-uuid 9f82e488-cf31-4c5d-b1e8-a5ff4790d71f server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1067303616888211285 x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame E659	43 B 103 B	36ms 28ms	Image image/gif	104.18.25.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?ZTCHu6Qla4aoTPRuDlVlzAAA%265209 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language nl-NL,nl;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Thu, 19 Oct 2023 01:34:51 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 60695 etag "902a3d-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=86400 accept-ranges bytes cf-ray 818547f4a8254d54-FRA content-length 43 expires Fri, 20 Oct 2023 01:34:51 GMT
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame 9AD6	0 592 B	14ms 13ms	Script text/html	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:52 GMT an-x-request-uuid 5a8804f7-066c-4898-bf8d-83291d1620ce server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame CCE1	0 593 B	15ms 13ms	Script text/html	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers pragma no-cache date Thu, 19 Oct 2023 01:34:52 GMT an-x-request-uuid a547718c-dfb4-48f5-899f-292477af2489 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 37.48.94.3; 37.48.94.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

prebid.adnxs.com

URL

https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain

prebid.adnxs.com

URL

https://prebid.adnxs.com/pbs/v1/openrtb2/auction