www.ntd.com Open in urlscan Pro
2606:4700::6812:181e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.day/A-prime-message-for-all-human-beings
Effective URL:
https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gon...
Submission: On January 31 via manual (January 31st 2024, 5:16:49 pm UTC) from US — Scanned from NL

Summary HTTP 163 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 33 domains to perform 163 HTTP transactions. The main IP is 2606:4700::6812:181e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 796762.
TLS certificate: Issued by E1 on December 6th 2023. Valid for: 3 months.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2606:4700::68... 2606:4700::6812:181e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2.19.11.133 2.19.11.133	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.107.251.162 34.107.251.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
12	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.32.75 108.138.32.75	16509 (AMAZON-02) (AMAZON-02)
2	34.120.97.157 34.120.97.157	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	34.110.129.224 34.110.129.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	52.218.153.120 52.218.153.120	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	52.84.174.60 52.84.174.60	16509 (AMAZON-02) (AMAZON-02)
4	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
2	18.173.191.32 18.173.191.32	16509 (AMAZON-02) (AMAZON-02)
1	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2 6	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.219.108.161 3.219.108.161	14618 (AMAZON-AES) (AMAZON-AES)
2	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:cb07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	185.162.95.70 185.162.95.70	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1	2600:9000:20e... 2600:9000:20e1:ce00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.210.6.32 54.210.6.32	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:730... 2600:1f18:730:b150:4519:67ab:1ad0:9849	14618 (AMAZON-AES) (AMAZON-AES)
1	184.72.144.85 184.72.144.85	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:e6:... 2606:4700:e6::ac40:ca07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.164.26.44 35.164.26.44	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.191.105.118 54.191.105.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26da:fa00:e:291c:8fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	34.247.62.134 34.247.62.134	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
163	45

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.day	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700::6812:181e (United States)

ASN13335 (CLOUDFLARENET, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.19.11.133 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-11-133.deploy.static.akamaitechnologies.com

i.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.251.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.251.107.34.bc.googleusercontent.com

subs.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.66.182 (Cologne, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static5.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static7.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static6.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static8.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.32.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-75.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.97.157 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com

pwe.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.153.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-60.cdg50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.7.168.74 (Hazleton, United States)

ASN3356 (LEVEL3, US)

ea.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.191.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-191-32.muc50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.108.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-108-161.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cb07 (United States)

ASN13335 (CLOUDFLARENET, US)

mixproxy.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.162.95.70 (St Petersburg, Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: sm-server1-1.smir12.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e1:ce00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.6.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-6-32.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:27a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:932 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:4519:67ab:1ad0:9849 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.72.144.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-144-85.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:ca07 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.26.44 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-26-44.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.105.118 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-105-118.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:fa00:e:291c:8fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.62.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-62-134.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	ntd.com www.ntd.com — Cisco Umbrella Rank: 796762 i.ntd.com — Cisco Umbrella Rank: 825979	3 MB
16	epochbase.com subs.epochbase.com — Cisco Umbrella Rank: 354376 pwe.epochbase.com — Cisco Umbrella Rank: 86252 ea.epochbase.com — Cisco Umbrella Rank: 85770	146 KB
12	mixi.media mixi.media — Cisco Umbrella Rank: 50477 static.mixi.media — Cisco Umbrella Rank: 95304 stat.mixi.media — Cisco Umbrella Rank: 62771 static5.mixi.media — Cisco Umbrella Rank: 210487 static7.mixi.media — Cisco Umbrella Rank: 90005 static6.mixi.media — Cisco Umbrella Rank: 101144 static8.mixi.media — Cisco Umbrella Rank: 81537 static2.mixi.media — Cisco Umbrella Rank: 758112	389 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	648 KB
9	adnxs.com 2 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1859 ib.adnxs.com — Cisco Umbrella Rank: 253 acdn.adnxs.com — Cisco Umbrella Rank: 598	41 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	158 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	76 KB
6	clickcertain.com 2 redirects a.clickcertain.com — Cisco Umbrella Rank: 5981	5 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477	14 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3215 idx.liadm.com — Cisco Umbrella Rank: 2032 rp.liadm.com — Cisco Umbrella Rank: 1497 rp4.liadm.com — Cisco Umbrella Rank: 7027	17 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 707	815 B
3	stat.media stat.media — Cisco Umbrella Rank: 37327	1 KB
3	epoch.cloud mixproxy.epoch.cloud — Cisco Umbrella Rank: 83178 cdn.epoch.cloud — Cisco Umbrella Rank: 110333	176 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	235 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644	3 KB
2	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	407 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 6262	1014 B
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 478	861 B
2	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 5105	779 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	137 KB
2	youmaker.com sc.youmaker.com — Cisco Umbrella Rank: 100345	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	69 KB
1	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 45805	1 KB
1	usbrowserspeed.com 1 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 6074	273 B
1	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 41881	595 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 1917	104 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 976	445 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 9209	408 B
1	amazonaws.com s3-us-west-2.amazonaws.com	60 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	29 KB
1	tnews.day 1 redirects tnews.day	874 B
163	33

	Domain	Requested by
41	www.ntd.com	www.ntd.com
13	i.ntd.com	www.ntd.com
11	pwe.epochbase.com	www.ntd.com
6	a.clickcertain.com	2 redirects a.remarketstats.com a.clickcertain.com
6	fonts.gstatic.com	www.google.com www.ntd.com fonts.googleapis.com
6	ib.adnxs.com	2 redirects i.ntd.com
4	onetag-sys.com	i.ntd.com
4	ea.epochbase.com	www.ntd.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
4	www.google.com	www.ntd.com www.gstatic.com www.google.com
3	stat.media	stat.mixi.media
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	www.ntd.com www.googletagmanager.com
3	mixi.media	www.ntd.com static.mixi.media
2	eus.rubiconproject.com	i.ntd.com eus.rubiconproject.com
2	js-sec.indexww.com	i.ntd.com
2	acdn.adnxs.com	i.ntd.com
2	match.prod.bidr.io	1 redirects a.clickcertain.com
2	pixel.tapad.com	2 redirects
2	p.alocdn.com	1 redirects
2	cdn.epoch.cloud
2	static5.mixi.media	www.ntd.com
2	htlb.casalemedia.com	i.ntd.com
2	fastlane.rubiconproject.com	i.ntd.com
2	exchange.postrelease.com	i.ntd.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	static.mixi.media	mixi.media www.ntd.com
2	sc.youmaker.com	www.ntd.com
2	www.youtube.com	www.ntd.com www.youtube.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	tag.trovo-tag.com	a.clickcertain.com
1	a.usbrowserspeed.com	1 redirects
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	a.remarketstats.com	1 redirects
1	idx.liadm.com	b-code.liadm.com
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	fonts.googleapis.com
1	prebid-match.dotomi.com	www.ntd.com
1	static2.mixi.media	www.ntd.com
1	static8.mixi.media	www.ntd.com
1	static6.mixi.media	www.ntd.com
1	static7.mixi.media	www.ntd.com
1	sync.go.sonobi.com	www.ntd.com
1	mixproxy.epoch.cloud	pwe.epochbase.com
1	prebid.adnxs.com	i.ntd.com
1	stat.mixi.media	mixi.media
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.google.nl	www.ntd.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	www.googletagservices.com	www.ntd.com
1	subs.epochbase.com	www.ntd.com
1	tnews.day	1 redirects
163	57

This site contains links to these domains. Also see Links.

Domain
donate.ntd.com
www.theepochtimes.com
mixi.media
help.ntd.com

Subject Issuer	Validity	Valid
ntd.com E1	`2023-12-06` - `2024-03-05`	3 months	crt.sh
i.ntd.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-15` - `2025-02-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
mixi.media R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-18` - `2024-07-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.google.nl GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
static.mixi.media R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
stat.mixi.media R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2023-05-31` - `2024-06-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
epoch.cloud GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
stat.media R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
trovo-tag.com Amazon RSA 2048 M02	`2023-04-08` - `2024-05-07`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Frame ID: D6FA5A658D73A6A0AC01AE8D010F899A
Requests: 142 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=y1ksf2u09jdc
Frame ID: 8D2B3C0605140E2FFA67E4B116EADB0A
Requests: 8 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&cn=NL&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
Frame ID: C057CED99FC520DC0E3F7A3467D441F3
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 49353B060260A709660218EBD6378A30
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4EDC35896C9AB1119EC247DA173C1390
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1706721403815
Frame ID: A332AF1A90192983427EB7C452E4DC27
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 894AD0E34C02780D62893D5A1AEB50A2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 514F426047512EA9F7BCD6BED814493F
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 785A39237DA103C0CDD467133D83A50B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1706721403815
Frame ID: 1B81211AFD2B52E9F23DBB8484AC6CD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

‘A Crucial Message for All Human Beings’: Chinese Find Insight From Article by Founder of Falun Gong | NTDcommentcommentcommentcommentcommentcomment

Page URL History Show full URLs

https://tnews.day/A-prime-message-for-all-human-beings HTTP 307
https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

163
Requests

93 %
HTTPS

47 %
IPv6

33
Domains

57
Subdomains

45
IPs

9
Countries

4860 kB
Transfer

9403 kB
Size

39
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.ntd.com/
Title: Support US

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/replacing-god-the-ccps-century-long-war-against-faith_3883475.html
Title: indoctrinated

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/falun-gong-founder-li-hongzhi-publishes-why-do-human-beings-exist_5000952.html
Title: article

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/chinas-funeral-parlors-suppliers-crushed-by-demand-amid-covid-death-surge_5008030.html
Title: severe

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/deaths-among-ccp-elites-rise-as-covid-wave-hits-china_4941364.html
Title: uptick in

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/23-years-of-ccp-persecution-how-falun-gong-practitioners-became-the-most-oppressed-group-in-chinese-society_4605766.html
Title: suppression

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/unmatched-wickedness-tribunal-confirms-longstanding-allegations-of-organ-harvesting-by-china_2970592.html
Title: found

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_5012697.html
Title: The Epoch Times

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14165957&bl=95162&ct=adpreview&st=46&nvuuid=80277344-7bc5-ba41-6500-002cbad80121&bvuuid=369cb830-f495-4a64-9b6a-f3f603cace51&rnd=740377665&ag=25&ev=H4sIAAAAAAAA_-OSOHr-AdvDr3fZfr6-z9YzdTLbMyD9EIgBhYm_ThoAAAA&suid=CiRhZWI5OGYxMi05NGFiLTQxMmQtYWQwYy02YWRkMjBiMmJhYjgSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14121697&bl=95162&ct=adpreview&st=46&nvuuid=807a7377-7be1-babb-6500-0057bad701e6&bvuuid=369cb830-f495-4a64-9b6a-f3f603cace51&rnd=1474721723&ag=25&ev=H4sIAAAAAAAA_-OSOHr-AdvDr3fZfr6-z9YzdTLbMyD9EIgBhYm_ThoAAAA&suid=CiRhZWI5OGYxMi05NGFiLTQxMmQtYWQwYy02YWRkMjBiMmJhYjgSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14153209&bl=95162&ct=adpreview&st=46&nvuuid=80f5736b-7bf9-ba97-6500-0050bad70140&bvuuid=369cb830-f495-4a64-9b6a-f3f603cace51&rnd=1346399127&ag=25&ev=H4sIAAAAAAAA_-OSOHr-AdvDr3fZfr6-z9YzdTLbMyD9EIgBhYm_ThoAAAA&suid=CiRhZWI5OGYxMi05NGFiLTQxMmQtYWQwYy02YWRkMjBiMmJhYjgSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12896908&bl=95162&ct=adpreview&st=46&nvuuid=80ca73d2-7b8c-ba74-6500-0062bac4014e&bvuuid=369cb830-f495-4a64-9b6a-f3f603cace51&rnd=1649332852&ag=25&ev=H4sIAAAAAAAA_-OSOHr-AdvDr3fZfr6-z9YzdTLbMyD9EIgBhYm_ThoAAAA&suid=CiRhZWI5OGYxMi05NGFiLTQxMmQtYWQwYy02YWRkMjBiMmJhYjgSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14153190&bl=95162&ct=adpreview&st=46&nvuuid=80f57309-7be6-ba64-6500-002cbad70190&bvuuid=369cb830-f495-4a64-9b6a-f3f603cace51&rnd=747637092&ag=25&ev=H4sIAAAAAAAA_-OSOHr-AdvDr3fZfr6-z9YzdTLbMyD9EIgBhYm_ThoAAAA&suid=CiRhZWI5OGYxMi05NGFiLTQxMmQtYWQwYy02YWRkMjBiMmJhYjgSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14153185&bl=95162&ct=adpreview&st=46&nvuuid=80f57366-7be1-ba17-6500-007cbad70109&bvuuid=369cb830-f495-4a64-9b6a-f3f603cace51&rnd=2080990743&ag=25&ev=H4sIAAAAAAAA_-OSOHr-AdvDr3fZfr6-z9YzdTLbMyD9EIgBhYm_ThoAAAA&suid=CiRhZWI5OGYxMi05NGFiLTQxMmQtYWQwYy02YWRkMjBiMmJhYjgSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://help.ntd.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.day/A-prime-message-for-all-human-beings HTTP 307
https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 146

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html HTTP 302
https://a.clickcertain.com/px/smart/a/?seg=a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&c=2455d1796b86efb HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5

Request Chain 147

https://rp.liadm.com/j?dtstmp=1706721404634&se=e30&duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&tv=v2.12.0&pu=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&wpn=lc-bundle&cd=.ntd.com HTTP 302
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&cd=.ntd.com&dtstmp=1706721404634&tv=v2.12.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&i6=MmEwMDoxNjMwOjI6NjA4Ojo5

Request Chain 150

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522eb48dd6a-bf4e-45e7-aea0-99ddca8e64ec%2522%257D&title=%E2%80%98A%20Crucial%20Message%20for%20All%20Human%20Beings%E2%80%99%3A%20Chinese%20Find%20Insight%20From%20Article%20by%20Founder%20of%20Falun%20Gong%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522eb48dd6a-bf4e-45e7-aea0-99ddca8e64ec%2522%257D&title=%E2%80%98A%20Crucial%20Message%20for%20All%20Human%20Beings%E2%80%99%3A%20Chinese%20Find%20Insight%20From%20Article%20by%20Founder%20of%20Falun%20Gong%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tdc=1

Request Chain 152

https://a.clickcertain.com/px/ta/?ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=ae13c62a-6098-4772-b07d-595d10cf0424

Request Chain 153

https://a.usbrowserspeed.com/cs?puid=b550cbd7-132c-567a-aedb-31db8f15e296&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d070f16fa%2dd3e0%2d4408%2db303%2d51a44a0b51f5%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5&uid=874a0eed-81f1-467b-80bf-f3366957b83e&hem=

Request Chain 155

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 165

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 166

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

163 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html Show response
www.ntd.com/
Redirect Chain

https://tnews.day/A-prime-message-for-all-human-beings
https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

141 KB
25 KB

693ms
634ms

Document
text/html

2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

9bd18c9f84d9cdb5baf7499dc8d464f29d12c496e62e39350cb8c8f70a28cafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 84e39a97bba6b724-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 17:16:42 GMT
expires: Wed, 31 Jan 2024 21:16:42 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nextjs-cache: STALE
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 84e39a93494165f0-AMS
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 17:16:41 GMT
expires: Mon, 07 Jul 1777 07:07:07 GMT
location: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vElrkuaH2QKNFI%2FWEOsuS7zj%2B2ywPBdrQfUCIWr8VbL5YH5t60aUe10iPcfljWQghjfMVnim5D1kUSg5hZCmZECL0gzABYNI7ZyJt4bjZh2qEjF0lhGtanaJAQyROJ3E7SzV0gXtxJM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
x-redirect-powered-by: Pretty Link Pro Developer 3.6.2 http://prettylink.com
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK 01212023-DSC07722-900x506.jpeg
i.ntd.com/assets/uploads/2023/01/ 659 KB
660 KB 961ms
884ms Image
image/jpeg 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/01/01212023-DSC07722-900x506.jpeg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

27de955ad2dc0e5b9ee993ec6dd504eb4b1d1b3fd4e928811ad06adf1e08517d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 674598
Last-Modified: Sun, 22 Jan 2023 02:43:37 GMT
Server: nginx
ETag: "63cca2d9-a4b26"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535976
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Thu, 30 Jan 2025 17:16:19 GMT

GET
H/1.1 200
OK ntd-logo-comment.png
i.ntd.com/assets/themes/ntd/images/ 35 KB
36 KB 101ms
24ms Image
image/png 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:42 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 35679
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-8b5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30507301
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Sat, 18 Jan 2025 19:31:43 GMT

GET
H2 200 template.css
subs.epochbase.com/lib/ 4 KB
1 KB 183ms
127ms Stylesheet
text/css 34.107.251.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.epochbase.com/lib/template.css
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.251.107.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 7ba241a9f560ed19ea6cf9b763bd7c1a2120d7b13f0387f758f96138d19e7942

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 12 Jan 2024 01:01:13 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
expires: Wed, 31 Jan 2024 18:16:42 GMT

GET
H2 200 6e0e087fd8d38d29.css
www.ntd.com/_next/static/css/ 168 KB
48 KB 615ms
614ms Stylesheet
text/css 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/6e0e087fd8d38d29.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780a0e8440d24f4505731e17905d4b31f0f2008a36c081fc02877cd8afc90a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2a0b0-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bbfe0b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 5bb473991d248c54.css
www.ntd.com/_next/static/css/ 23 KB
5 KB 485ms
484ms Stylesheet
text/css 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5cf7-18d57599c54"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bbfe1b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 3142a792e382aafb.css
www.ntd.com/_next/static/css/ 15 KB
3 KB 472ms
472ms Stylesheet
text/css 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/3142a792e382aafb.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"3db9-18d57599c59"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bbfe2b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 30418f44-85d0cd07c9902eeb.js Show response
www.ntd.com/_next/static/chunks/ 680 KB
185 KB 627ms
624ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"a9f15-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdff0b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 2116-9ae6cf7826be2d15.js Show response
www.ntd.com/_next/static/chunks/ 10 KB
4 KB 477ms
474ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2116-9ae6cf7826be2d15.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0936c5c9a81e22635143fda4ba88273a67759ee800878b2ba8ce42f9c381f62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"27cc-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdff1b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 663.b97456ed77acb23c.js Show response
www.ntd.com/_next/static/chunks/ 10 KB
4 KB 473ms
470ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/663.b97456ed77acb23c.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f144249af8ea4133d488adbe4aee126575141b21e63c5ee5242a5a19c1855b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2823-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdff3b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 563.44233f0951680e71.js Show response
www.ntd.com/_next/static/chunks/ 12 KB
5 KB 482ms
479ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/563.44233f0951680e71.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6de355eccfa973ac4534a3907eab52b0404a94f4b232997fe48df199a511461

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2f87-18d57599c59"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdff4b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 webpack-8693d3fcd266f64a.js Show response
www.ntd.com/_next/static/chunks/ 6 KB
3 KB 479ms
476ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/webpack-8693d3fcd266f64a.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95592d82a95024026b81d400ce04a7e9e52eaecae3ebd7fbfde51a8820d9595e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"193a-18d57599c57"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdff7b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ntd.com/_next/static/chunks/ 127 KB
41 KB 635ms
633ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1fbd2-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdffbb724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 main-9f9ad50cce646180.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
34 KB 622ms
620ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1ce12-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bdffeb724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 _app-6edef8c4a05febf4.js Show response
www.ntd.com/_next/static/chunks/pages/ 322 KB
97 KB 778ms
776ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

007ad0e05b52ceb6b842c38f085d0d6c6e88dc59a8553c97e9a33c8d598e167d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"50963-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd805b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 2373-7460ee92f1267c41.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
41 KB 633ms
631ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2373-7460ee92f1267c41.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1d099-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd80ab724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 2962-a4df57f83cf7a4f7.js Show response
www.ntd.com/_next/static/chunks/ 17 KB
5 KB 479ms
477ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"4442-18d57599c5b"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd80db724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 1276-37f5982c5d642883.js Show response
www.ntd.com/_next/static/chunks/ 75 KB
22 KB 635ms
634ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1276-37f5982c5d642883.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48c9bae88b131f13bfc887d29eab2624cbc76b9f52ee4dbfa526bdea4f3ca3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"12aeb-18d57599c5b"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd810b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 1294-07c25a588fe87df1.js Show response
www.ntd.com/_next/static/chunks/ 14 KB
5 KB 484ms
482ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1294-07c25a588fe87df1.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

624f897565301dfadf2dc5f82b316a38978803afddd43192f77249eec041d13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"391a-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd811b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 1335-62db32bca98fac91.js Show response
www.ntd.com/_next/static/chunks/ 128 KB
17 KB 665ms
664ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1335-62db32bca98fac91.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1744de03c297908b7c72489f535271d32f6268760dd7e7e5eb4782a93bc8f825

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"20151-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd812b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 39-e693c02de40de378.js Show response
www.ntd.com/_next/static/chunks/ 13 KB
4 KB 480ms
478ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/39-e693c02de40de378.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de523e97a88472a3647697b04dc64876c12b073e3a0f281ab7f42cdc7d3a8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"34ae-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd813b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 6674-225ab7197f71512c.js Show response
www.ntd.com/_next/static/chunks/ 7 KB
2 KB 485ms
483ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/6674-225ab7197f71512c.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d531fa8daaca8f5072568bf15fec5c140428fec7078d1cb5d4110c06d44eea1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1a7a-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd814b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 1601-e16e404666ee2e1f.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
2 KB 483ms
481ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1601-e16e404666ee2e1f.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"22bf-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd816b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 %5Burl%5D-8ba24cd43cdc2122.js Show response
www.ntd.com/_next/static/chunks/pages/ 22 KB
7 KB 489ms
488ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-8ba24cd43cdc2122.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f185d5e1f3ff326d44c1783d5761c23581a6e541c33a28115b266fc2aa4ebd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5851-18d57599c54"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd817b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 _buildManifest.js Show response
www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/ 4 KB
2 KB 488ms
487ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/_buildManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c329933b45a665763f3fb0e24e79c2b08b99721c103788d5da7f80e57c2b3f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1095-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd819b724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H2 200 _ssgManifest.js Show response
www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/ 598 B
329 B 485ms
484ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/_ssgManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:32:05 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"256-18d5759e5c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39a9bd81bb724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:42 GMT

GET
H/1.1 200
OK NTDLogo.svg
i.ntd.com/assets/themes/ntd/images/ 660 B
1 KB 98ms
22ms Image
image/svg+xml 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:42 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 660
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-294"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=28350391
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NTDLogo.svg
www.ntd.com/images/ 660 B
612 B 475ms
475ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"294-18a84a34dab"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84e39aa07c6db724-AMS
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 footer-app-logo.png
www.ntd.com/images/ 73 KB
73 KB 187ms
187ms Image
image/png 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 74494
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
etag: W/"122fe-18a84a34db2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa07c6fb724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 NTD_BackToTop.svg
www.ntd.com/images/ 2 KB
920 B 546ms
546ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTD_BackToTop.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"7d6-18a84a25fec"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84e39aa07c71b724-AMS
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK Daniel-Lou183B7146-615x410.jpg
i.ntd.com/assets/uploads/2023/01/ 188 KB
189 KB 830ms
830ms Image
image/jpeg 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/01/Daniel-Lou183B7146-615x410.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c2abca414624719957b07f1806a877e02acad60ed4313a7ad0d8190b3e48681b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 193004
Last-Modified: Fri, 27 Jan 2023 19:46:37 GMT
Server: nginx
ETag: "63d42a1d-2f1ec"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Thu, 30 Jan 2025 17:16:43 GMT

GET
H/1.1 200
OK DSC_5294-1-768x511.jpg
i.ntd.com/assets/uploads/external/2022/01/ 314 KB
314 KB 804ms
804ms Image
image/jpeg 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/external/2022/01/DSC_5294-1-768x511.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1fe533b8523d434f5e40fb9df9462b670f21282755982e1b8554b8de79fc7b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 321243
Last-Modified: Sun, 06 Nov 2022 05:45:47 GMT
Server: nginx
ETag: "63674a0b-4e6db"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Thu, 30 Jan 2025 17:16:43 GMT

GET
H/1.1 200
OK Shanghai-Covid-GettyImages-1457795867-615x432.jpg
i.ntd.com/assets/uploads/2023/01/ 291 KB
292 KB 859ms
813ms Image
image/jpeg 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2023/01/Shanghai-Covid-GettyImages-1457795867-615x432.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4f9f9970363208bf361c0799b7ce11af8208eea9b1bab0b030c40803f4bdf386

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 298039
Last-Modified: Fri, 27 Jan 2023 19:49:52 GMT
Server: nginx
ETag: "63d42ae0-48c37"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535989
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Thu, 30 Jan 2025 17:16:32 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 102ms
45ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32047f50e34d3e948499d645f88d14cdfeb533b44860a8eab816e64330f4db44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 31 Jan 2024 17:16:43 GMT

GET
H2 200 8735.d0b957bfa55e8687.js Show response
www.ntd.com/_next/static/chunks/ 44 KB
15 KB 610ms
610ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-8693d3fcd266f64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"af73-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 84e39aa22e4db724-AMS
x-xss-protection: 1; mode=block
expires: Thu, 30 Jan 2025 17:16:43 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 125ms
71ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-8ba24cd43cdc2122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

586f659586473e9b365b83e8d4472465ff3c406e98fb7c0812aa633f1b75d683

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 17:16:43 GMT

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
2 KB 386ms
103ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/563.44233f0951680e71.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 83aa861b967ddd9f6c635c8251363ef9e92e879b8ba5ef99fb4bc99f26113f2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 17:16:43 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 31-Jan-2024 17:16:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
94 KB 100ms
45ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e8216f7cee1c7a430b077dc7d1265c411fce4ce5875e6787a1a94a8ca000309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 17:16:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
46 KB 94ms
39ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d74d332e3ab7d3e53b77f189412609641bfbfe80e04f7c67f98b48a78807f71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46729
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jan 2024 17:16:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
29 KB 175ms
65ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a40c7ba1a5bc21e5988926321f6751094781341f6341b1f6491ea8da0bbb5ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29450
x-xss-protection: 0
server: cafe
etag: 834 / 19753 / m202401250101 / config-hash: 10899137798716379325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:16:43 GMT

GET
H/1.1 200
OK prebid.js Show response
i.ntd.com/assets/themes/m-ntd/js/ads/ 275 KB
276 KB 62ms
23ms Script
application/javascript 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 281947
Pragma: no-cache
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-44d5b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=28763983
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
70 KB 138ms
35ms Script
application/javascript 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:19:43 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 3421
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 5VYWfBVl8a582oXoL0SdCTPw7MLTpe2T6UmcpJ2cWJAFKQGbY9b-lg==

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 1 KB
210 B 527ms
527ms Fetch
application/json 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/39-e693c02de40de378.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9aa89c37681cecc9721fcf4e8e4f07df2d0bb89b3475ca2153f1480f62da89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 84e39aa23e62b724-AMS
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 665 B
721 B 195ms
133ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=897697,969623,969969,969965,969866,969800,969829,969831,969841,969795&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: bc37bd6883e3bbcf1b76b14b001979bf07fd23f4f3b086480aa936ea069f824b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665

POST
H2 200 getcounts Show response
www.ntd.com/v1/api/video/ 50 B
167 B 628ms
628ms Fetch
application/json 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/v1/api/video/getcounts

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/663.b97456ed77acb23c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f42e31641570b9546b265c0026140c3fc1da01c3393146847c9482a206537c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-encoding: gzip
server: cloudflare
cf-cache-status: DYNAMIC
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 84e39aa23e63b724-AMS
x-xss-protection: 1; mode=block

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 638 B
425 B 522ms
522ms Fetch
application/json 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/39-e693c02de40de378.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

600bd97141302471752974ad3da4fcc6e336575674928418b15482bb9cc3eee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 84e39aa23e65b724-AMS
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 408 B
599 B 194ms
132ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=969615,969465,969739,969547,969824,969455&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 7a95e7a86ef563a232f04572655e558bf6870dd8b5b7600f76bb744b38430796

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 408

GET
H2 200 geo Show response
pwe.epochbase.com/ 143 B
323 B 197ms
129ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/geo
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4c4fb27c2d0bf96aad8bb2c15ccf820bc54e256c96fe1cceaead9aadf06d40f0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143

GET
H2 200 default-user.png
www.ntd.com/images/ 3 KB
3 KB 472ms
470ms Image
image/png 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/default-user.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 2560
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
etag: W/"a00-18a84a25ff1"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27ea4b724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 share.svg
www.ntd.com/images/ 338 B
319 B 469ms
467ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
content-encoding: gzip
etag: W/"152-18a84a25ffa"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84e39aa27ea6b724-AMS
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 share_single.svg
www.ntd.com/images/ 388 B
388 B 178ms
176ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share_single.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
content-encoding: gzip
etag: W/"184-18a84a25ffa"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84e39aa27ea9b724-AMS
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H/1.1 200
OK id969466-Philadelphia-police-tapeGettyImages-1161653463.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/01/ 8 KB
9 KB 47ms
46ms Image
image/webp 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/01/id969466-Philadelphia-police-tapeGettyImages-1161653463.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

372cc065e28ed8d19c56bf125f4cd7690980a5e5aba5e6794ca037d9ab92dc81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 8616
Last-Modified: Mon, 29 Jan 2024 13:33:29 GMT
Server: nginx
ETag: "65b7a929-21a8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31405824
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id964077-Brooklyn-police-tape.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/01/ 10 KB
11 KB 81ms
42ms Image
image/webp 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/01/id964077-Brooklyn-police-tape.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2d47e2977636a54c72aabdd3ba0d57b23c7ab52b22b300372ce9d2a753caa85e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 10714
Last-Modified: Wed, 03 Jan 2024 17:22:20 GMT
Server: nginx
ETag: "659597cc-29da"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31178475
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id969836-Actor-Tyler-Christopher.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/01/ 14 KB
14 KB 50ms
50ms Image
image/webp 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/01/id969836-Actor-Tyler-Christopher.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ed3fc82f43315e8156f2d2dc3d120b215b8d43fef37c9c87248b5564d21c7665

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 14096
Last-Modified: Tue, 30 Jan 2024 19:13:51 GMT
Server: nginx
ETag: "65b94a6f-3710"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31460458
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id969556-222-house-.png-352x220.webp
i.ntd.com/assets/uploads/2024/01/ 18 KB
19 KB 56ms
56ms Image
image/webp 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/01/id969556-222-house-.png-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bd6300f1f21239bf3271aee546312c3e39445499f4af6166f0dd92e344277675

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 18700
Last-Modified: Mon, 29 Jan 2024 18:08:43 GMT
Server: nginx
ETag: "65b7e9ab-490c"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31366491
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id969825-police-car.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/01/ 8 KB
9 KB 33ms
33ms Image
image/webp 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/01/id969825-police-car.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

42da0f92249021c3a55541ef03f9a47907c76a8903f60093b521ae231f86d817

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 8402
Last-Modified: Tue, 30 Jan 2024 18:26:54 GMT
Server: nginx
ETag: "65b93f6e-20d2"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31454016
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id969458-Ruby-slippers-once-worn-by-Judy-Garland-in-the-The-Wizard-of-Oz.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/01/ 14 KB
14 KB 53ms
53ms Image
image/webp 2.19.11.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/01/id969458-Ruby-slippers-once-worn-by-Judy-Garland-in-the-The-Wizard-of-Oz.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.133 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-133.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

28f2e79f178f3dd23138d9b66b8fe0391b5a144300fb8a6784f11b923008397c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 31 Jan 2024 17:16:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 13918
Last-Modified: Mon, 29 Jan 2024 12:30:58 GMT
Server: nginx
ETag: "65b79a82-365e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31502564
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 apple.jpg
www.ntd.com/images/tv-providers/ 8 KB
8 KB 479ms
478ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/apple.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae28b89ed960eddf42f0f3b3b385316516261f125d7cf72bc017f1de285ad80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 8161
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"1fe1-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eaab724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 comcast.jpg
www.ntd.com/images/tv-providers/ 14 KB
14 KB 620ms
619ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/comcast.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46bb48b07c4889dd66816975b21842973900a4d9efc848c98d55622d797686e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 14232
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"3798-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eacb724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 distrotv.jpg
www.ntd.com/images/tv-providers/ 12 KB
12 KB 614ms
612ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/distrotv.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ce58fe5c3f26bc8d99bde76c9b990cf14c34b5e93b53044d52f1abc0d86cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 12604
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"313c-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eafb724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 firetv.jpg
www.ntd.com/images/tv-providers/ 23 KB
23 KB 615ms
614ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/firetv.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952ed5d34d71ad32b79b34e662884688dafff050260234610cfae209338a0c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 23554
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"5c02-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eb0b724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 frontier.jpg
www.ntd.com/images/tv-providers/ 18 KB
18 KB 325ms
324ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/frontier.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a28855ba32c69182bba018fec0bc991f4ec03d23ac9a86045e4bf9625d48edfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 18644
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"48d4-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eb1b724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 roku.jpg
www.ntd.com/images/tv-providers/ 14 KB
14 KB 618ms
617ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/roku.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcf54544f62d9d0e97b9b8a26d424db4f4b98fc4850307978e152990912b1ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 14136
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"3738-18d232d1ba0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eb3b724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 sony.jpg
www.ntd.com/images/tv-providers/ 25 KB
25 KB 617ms
616ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/sony.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6fddd8301d32165dd2a28e977c349c59d648dafce7ead0b52743e735a3cd054

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 25253
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"62a5-18d232d1ba0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eb5b724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 verizon.jpg
www.ntd.com/images/tv-providers/ 11 KB
11 KB 616ms
615ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/verizon.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2951eafa26a407dcfe41882deeb7b680df8505f384bbabbe2197446e90d3958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 11487
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"2cdf-18d232d1ba0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84e39aa27eb6b724-AMS
expires: Wed, 31 Jan 2024 21:16:43 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/ 216 KB
67 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3051a90084894b6f43440c9501c73d59926c72f9fd05fd67c5bb9ba3771e74be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68501
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 05:16:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 30 Jan 2025 16:51:22 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 483 KB
194 KB 78ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197938
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:59:12 GMT

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ 60 KB
60 KB 584ms
185ms Script
application/javascript 52.218.153.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.153.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c8b6b93af3505c579bdc917f1663989a94c92f64b7859d017cec5b6686ef50be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Tue, 30 Jan 2024 23:37:05 GMT
Server: AmazonS3
x-amz-request-id: KH5ZN8J6AEGJXYPH
ETag: "897ab9ed8e4209c668636b8e476ae1a4"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 61138
x-amz-id-2: PQ13dIi5W4vXG3unKm4G3RjN91F2Dn3AepqjDh3AtHFGt+8T9V6inpI0WOryLZZIvb7OHPHLIfI=
Expires: Thu, 29 Feb 2024 23:37:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
94 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3fbe255fad6ee127e9b23edf8a28bc748ff5ae9818bea990551ed3f29c2e5571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96481
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 17:16:43 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
242 B 57ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je41t0v896365836&_p=1706721403227&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1221401933.1706721403&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706721403&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&dt=%E2%80%98A%20Crucial%20Message%20for%20All%20Human%20Beings%E2%80%99%3A%20Chinese%20Find%20Insight%20From%20Article%20by%20Founder%20of%20Falun%20Gong%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=2730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 73ms
25ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=1221401933.1706721403&gtm=45je41t0v896365836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 113ms
58ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=1221401933.1706721403&gtm=45je41t0v896365836&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=585005391

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracking Show response
pwe.epochbase.com/api/config/ 108 B
187 B 128ms
128ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/config/tracking?siteId=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e9d3d7e6cb9ff6ef4db59515e3f42573f7be7106a6b84e226da79f4413224d78

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 436 KB
137 KB 167ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 16:01:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4501
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139565
x-xss-protection: 0
server: cafe
etag: 12534472742743793976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 30 Jan 2025 16:01:42 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 98ms
39ms XHR
application/javascript 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
date: Wed, 31 Jan 2024 17:16:43 GMT
x-amz-cf-pop: MUC50-P2
age: 34327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bFbH-eQxCDiC6tiI7Fi8GaWMcA8pQ8Ze44BkJS4dABwjiYi5fNUSMg==

GET
H2 200 ae51d432-b517-4c68-9f8a-22444acccbb5 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
834 B 864ms
798ms Script
application/javascript 52.84.174.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-60.cdg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 92819ee7675ce02782f977f40b764a5f81e60e1adcf8204ff6ba4448ea54dd9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
via: 1.1 16de6e3636993b2d3f832b9ae653bd68.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P1
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: CurTzqwJ0zsUSxxsOBJPI8xhEcIo4KwmRhVg4vgadg2KXwFyEFO4ow==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 38ms
38ms XHR
text/plain 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 15:39:37 GMT
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 5825
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: XfarAuGsY4kIZr8Li2F-WCoeueOGrHUPC8FZD9OPjgjj47AEW67XYA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 36ms
36ms XHR
text/plain 108.138.32.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-32-75.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 15:39:37 GMT
via: 1.1 7f6fdb9a0ec439bac9ac6cc0db13237e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 5825
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: j1z7j_CopibXYkDfLyN7K3CsXd58sgsdcUg5_VbuxonzTXJuDpXSUA==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8D2B 45 KB
28 KB 84ms
83ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=y1ksf2u09jdc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a633036a28411376106f11213702d2c1fbffe12d29dd9fbf3c948f9bbcc26b94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xzs8A-nWh1busqWbFNus3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Xzs8A-nWh1busqWbFNus3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 17:16:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mixpanel-2.48.1.min.js Show response
pwe.epochbase.com/libs/ 52 KB
18 KB 167ms
130ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 15 Dec 2023 22:33:10 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 18:16:43 GMT

GET
H3 200 template Show response
pwe.epochbase.com/api/ 1 KB
676 B 128ms
128ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 c
ea.epochbase.com/api2/pw/ Frame 0
0 311ms
91ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type,Authorization
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
cache-control: max-age=3600 public
content-length: 0
date: Wed, 31 Jan 2024 17:16:43 GMT
expires: Wed, 31 Jan 2024 18:16:43 GMT
pragma: public
server: nginx/1.20.1

POST
H2 200 c Show response
ea.epochbase.com/api2/pw/ 0
309 B 321ms
321ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: public
date: Wed, 31 Jan 2024 17:16:44 GMT
server: nginx/1.20.1
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3600, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Wed, 31 Jan 2024 18:16:44 GMT

GET
H3 200 data Show response
pwe.epochbase.com/api/flow/ 5 KB
1020 B 127ms
127ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/data?siteId=www.ntd.com&flowId=live-ntd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 92afa134a96be4e90c9cd070737d84092d67f1340152a9c80ee4ee505ba968c5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK jsapi.v5.12.0.en_US.js Show response
static.mixi.media/static/jsapi/ 251 KB
75 KB 242ms
66ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 07:51:02 GMT
Server: nginx
ETag: W/"62455d66-3eabf"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.mixi.media/ 77 KB
28 KB 583ms
408ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.mixi.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 223ms
48ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:43 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
353 B 185ms
79ms XHR
text/javascript 18.173.191.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&pid=aoaItDjHXQ2HT&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-191-32.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qxuwDM8Ncf76ug91TX-iFKpkaQv0sOgLdEitmXpKsTjzHRaojrdgXA==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 638 B
746 B 93ms
18ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: c7de7f71ff6321b0e877c640db71837d14106546936ee39603f8d8fe006e1b82

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 17:16:43 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
826 B 90ms
18ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a7abd06711dfc0c45061b3a7594c708cc04d8ce315e40fccb7b6b910221b4df8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
an-x-request-uuid: 03f01977-ef21-4050-b709-553358f26e4c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
389 B 323ms
105ms XHR
application/json 3.219.108.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_rid=7e27db3ca6023&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.108.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-108-161.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 660 B
1002 B 91ms
21ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=85e5174e-bc0e-4f2a-acf5-27320ad8b447&l_pb_bid_id=100f3502947028&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.5099936658541762
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 030d1ff920f35bc6d1d2bc2d6990e2f6f22351799e8ba027879f9901689554e0

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
549 B 114ms
47ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22118b21775cb4587%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22121d2399326f5da%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994a48fc6cda18d6beb9833fa71d419e356b1b92bfac460c3a5e8fa3f72f6425

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPGWZd2W3%2BY70qtxYMQjCyKWZEPLGbrSAbEVDNZUDR5L%2FVecle330TUfGSHDMYvaj8RDWkkEWhiSPOcnEoLq%2BOCetVgeHnWGbiODJdsrY7Xxeu%2F1%2FD8qG1Dn5sRbi%2FKymflpdDKj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84e39aa5bbcd666a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 91ms
25ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ntd.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
354 B 164ms
76ms XHR
text/javascript 18.173.191.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&pid=aoaItDjHXQ2HT&cb=1&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_ads_right_top_300_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-191-32.muc50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 0a93e5f50864322b5cd49038d9c83154.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qiJZ0hmBG1L5qpcxSiqBGUQjq4uNEwwarSHBk4FtcGd9E1yAfTeBjA==

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 628 B
1 KB 80ms
20ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&rf=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-3&tk_flint=pbjs_lite_v6.23.0&x_source.tid=859c3bd6-4522-4ed7-a78e-b5bc1d273621&l_pb_bid_id=21a1d5e612d8bef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-3&slots=1&rand=0.7837539581317914
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9f0554ed785fdc547a0d15afd6599f5af080cd2dcb5b9044ab3fb575477d3f65

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
312 B 113ms
54ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360713&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22223a1981510d651%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22234a03dda39fee1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacae8aaa403f5250d083752778216820711a5edfa9203c490ed5afd99d1a4aa

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSCFnRGTs5%2BbFnJ5Q47z2SUGR8%2Bk3M5TLqMhKBKOdPrbVC5XMpUr1b8fKMzTWxCcIdpOe3%2BoDTwZhgVb4pDKB1vHDy6x2pAE06h7BSrcqEBQTG0GQNzgQMeXRWBwDkf0J%2FJ2uibG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84e39aa5bbcf666a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
390 B 307ms
102ms XHR
application/json 3.219.108.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_rid=24bbd12197968af&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MCwic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.108.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-108-161.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
825 B 77ms
19ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

17ae8b5fdd72ddf8599628a25825d3debd308262f4695f781090a51c40ed5a8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:43 GMT
an-x-request-uuid: 9612da34-5487-45e4-9580-eb790c8f9f8f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 84ms
25ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ntd.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 5965368 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 160ms
55ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5965368?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5605ada359e0952e9d6f08c7507cc1d2173fc86bc9824b2886fb5f54f06fbb0e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Xax0vJ79ygNBwVbaSVXptw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Xax0vJ79ygNBwVbaSVXptw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw_G74dVaNoEDe9csYAYAcCtYqA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 meter Show response
pwe.epochbase.com/api/flow/ 38 B
54 B 128ms
127ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/meter?uid=813459c0-c05c-11ee-b41f-6741053d5904&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&resetPeriod=1&resetUnit=days&countSamePage=false
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38

POST
H2 200 / Show response
mixproxy.epoch.cloud/mixpanel/track/ 1 B
694 B 352ms
290ms XHR
application/json 2606:4700:e6::ac40:cb07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1706721403748

Requested by

Host: pwe.epochbase.com
URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:cb07 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400
content-length: 1
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ntd.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXkM7xIyzBDPvnaIndoeEYvDr%2B8oiaDJJGpVJQ3ROsigLPtS%2BA3y38p8gCfA%2F1ydLcZ35Vapw5DOKEo7jQKVoxY931EusCLPA6wecCBOp1rpN8am0bdURB6B93yMk5Ko7q%2Bpl3CSjaTrjb9SnAREZbfBSg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 84e39aa5de16b7b2-AMS
access-control-allow-headers: X-Requested-With

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 8D2B 55 KB
24 KB 79ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=y1ksf2u09jdc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 14:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 14:02:05 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 8D2B 483 KB
193 KB 94ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197938
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:59:12 GMT

GET
H2 200 us.gif
sync.go.sonobi.com/ 49 B
445 B 302ms
92ms Image
image/gif 2607:f350:3:2569:0:10:0:c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:44 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-137
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 meter Show response
pwe.epochbase.com/api/flow/ 0
13 B 140ms
139ms XHR
text/plain 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/meter?uid=813459c0-c05c-11ee-b41f-6741053d5904&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 8 KB
3 KB 123ms
123ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: b1208321ffe4b0d1126af28acd6b19f28e2ea0e11681369cc43b6d54e5b46b31

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 31 Jan 2024 17:16:44 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 31-Jan-2024 17:16:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Node: ads5-3ssel52

GET
H3 200 NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js Show response
www.google.com/js/bg/ Frame 8D2B 17 KB
7 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/NJoY_V4jI6PkkmceXDBS3pUujDrlmaNXUDelo4JV6T4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=y1ksf2u09jdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6860
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:59:10 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8D2B 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:51:38 GMT
x-content-type-options: nosniff
age: 80705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 18:51:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D2B 15 KB
16 KB 161ms
50ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 496188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D2B 15 KB
15 KB 162ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:25 GMT
x-content-type-options: nosniff
age: 198499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8D2B 102 B
135 B 61ms
61ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8595d4c6e0bd33129c56a7d081de2e5cf93687b14ccf24ca27d8dabe35b6390

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=nl&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=y1ksf2u09jdc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 17:16:43 GMT

GET
H2 200 AGSKWxV-LAyvQWUNqpa2m4KvYg6bR81-CuchiR5xJ_3X48VScH8ETupXDm6vQf9sTJzxeCeZtEFhZn7b_OzcH-UOdwR3YMpww3unTfejzd9iyoqPLHWRlRt5JNs2JpI8Xfkxw4GHG9UUNw== Show response
fundingchoicesmessages.google.com/f/ 398 KB
61 KB 143ms
142ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV-LAyvQWUNqpa2m4KvYg6bR81-CuchiR5xJ_3X48VScH8ETupXDm6vQf9sTJzxeCeZtEFhZn7b_OzcH-UOdwR3YMpww3unTfejzd9iyoqPLHWRlRt5JNs2JpI8Xfkxw4GHG9UUNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NzIxNDAzLDk4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubnRkLmNvbS9hLWNydWNpYWwtbWVzc2FnZS1mb3ItYWxsLWh1bWFuLWJlaW5ncy1jaGluZXNlLWZpbmQtaW5zaWdodC1mcm9tLWFydGljbGUtYnktZm91bmRlci1vZi1mYWx1bi1nb25nXzg5NzY5Ny5odG1sIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwibmwiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzWDYptd5e2TTX8p5vFJtE9yYHw9Q/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fed1a2fe9817c538dff36c908a9d69ab360d6dd5036b4a73556248b1cd27bea3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HXZYyIUE2PqyuYkXX9pN7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-HXZYyIUE2PqyuYkXX9pN7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0LQWEYBuDjySMfJZkwG04mTOYzGSxKUWRSkuVMspCBfyDvO9iMwkIZjDYiGSQGCwdh8bEwuIdruOxTU8DuUzTVpyy1PW1g5T_SFirKiRpwSJ7oDEHVoAjoRYPKYPqdyQaP14Vc7wt5IAAP75U-MI5FzbekYGdK8EwXvAZLGYdsVbAOzr7g0EDwcC54AhlDcA46LLkLzbjkNtTTklug5SUn4FmQ_IXSbsFVcDusv9q1Z3Ed7qPwHxabWI4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 template Show response
pwe.epochbase.com/api/ 4 KB
1 KB 127ms
126ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: d5fa5a1f4fb7b2ac5071a2f12b0d3615048df32a5686cc1d32610a79d5ff5a29

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 c
ea.epochbase.com/api2/pw/ Frame 0
0 92ms
92ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type,Authorization
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
cache-control: max-age=3600 public
content-length: 0
date: Wed, 31 Jan 2024 17:16:44 GMT
expires: Wed, 31 Jan 2024 18:16:44 GMT
pragma: public
server: nginx/1.20.1

POST
H2 200 c Show response
ea.epochbase.com/api2/pw/ 0
309 B 98ms
97ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: public
date: Wed, 31 Jan 2024 17:16:44 GMT
server: nginx/1.20.1
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3600, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Wed, 31 Jan 2024 18:16:44 GMT

GET
H/1.1 200
OK 11589639.jpeg
static5.mixi.media/img/400x300/ 38 KB
39 KB 126ms
56ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/11589639.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 8bb483d64bb6143fd469cc1b8a111aa9da2f7a50474e9e4ba1eb0b15df6fd44b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Tue, 30 Jan 2024 00:28:43 GMT
Server: nginx
ETag: W/"65b842bb-3dddd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 39274

GET
H/1.1 200
OK 11558928.jpeg
static7.mixi.media/img/400x300/ 32 KB
32 KB 134ms
56ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/11558928.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 3c9188860229e5cc561edacc2d2428b85d0e12bc102f3568fca5f572c70346be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Tue, 16 Jan 2024 20:53:45 GMT
Server: nginx
ETag: W/"65a6ecd9-527d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 32528

GET
H/1.1 200
OK 11580740.jpeg
static6.mixi.media/img/400x300/ 62 KB
63 KB 123ms
56ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/11580740.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: fe42b20d8fb9877e0fff2aed972e9c1b61d848bee536e1da23ff014f54e83412

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Thu, 25 Jan 2024 19:54:10 GMT
Server: nginx
ETag: W/"65b2bc62-5550c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 63807

GET
H/1.1 200
OK 10571390.jpeg
static5.mixi.media/img/400x300/ 41 KB
41 KB 113ms
57ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.mixi.media/img/400x300/10571390.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: ea3ae6930150fa98882faa7bb190c646f8f825bccdef2381c798970cb7d9ead2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Tue, 08 Nov 2022 19:15:54 GMT
Server: nginx
ETag: "636aaaea-a31f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 41759

GET
H/1.1 200
OK 11580724.jpeg
static8.mixi.media/img/400x300/ 46 KB
46 KB 123ms
56ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.mixi.media/img/400x300/11580724.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 3a0f68318231392bf4d7b979fd7e58bb6f1a21e8bd7949afe30dc02438bb1ab5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Thu, 25 Jan 2024 19:40:18 GMT
Server: nginx
ETag: W/"65b2b922-18591"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 47213

GET
H/1.1 200
OK 11580719.jpeg
static2.mixi.media/img/400x300/ 52 KB
53 KB 135ms
57ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.mixi.media/img/400x300/11580719.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 95f7f3f48596b1ddc2d2c42aad3b75b0b8535866f32ccceaef5834419632ff72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Thu, 25 Jan 2024 19:33:01 GMT
Server: nginx
ETag: W/"65b2b76d-208d0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 53704

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 191ms
70ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3 200 react.production.min.js Show response
pwe.epochbase.com/libs/react@18.2.0/ 10 KB
4 KB 129ms
129ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/react@18.2.0/react.production.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 02 Dec 2023 22:34:10 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 18:16:44 GMT

GET
H3 200 react-dom.production.min.js Show response
pwe.epochbase.com/libs/react@18.2.0/ 129 KB
44 KB 134ms
134ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/react@18.2.0/react-dom.production.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 02 Dec 2023 22:34:44 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 18:16:44 GMT

GET
H3 200 signInCombo-2.1.umd.js Show response
pwe.epochbase.com/libs/ 259 KB
74 KB 134ms
134ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/signInCombo-2.1.umd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 3acb255cac21f9104061a499e4e19b334675e6e03ee45433a2c3f781b2ac2b90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Jan 2024 19:57:22 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 18:16:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 100 KB
6 KB 99ms
43ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxhqEcpIAMhmfYRPdUUyniWtnlCdQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 17:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 17:16:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 17:16:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 496188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:10:32 GMT
x-content-type-options: nosniff
age: 79572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:10:32 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:19:49 GMT
x-content-type-options: nosniff
age: 140215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 02:19:49 GMT

POST
H3 204 AGSKWxWsrCHGToQRbWhVaoZJ6K9y9E_zsHfX2pnlqecMVEf_S14VkvCNjSG9D281vHtcrQtiTydhOlKH6TmGWlINoZ1EEAfzOB-iTUm2PBUmnsQZPxXT8aJEhGBfCZyx7Vo9JysGQXcNHQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 138ms
34ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWsrCHGToQRbWhVaoZJ6K9y9E_zsHfX2pnlqecMVEf_S14VkvCNjSG9D281vHtcrQtiTydhOlKH6TmGWlINoZ1EEAfzOB-iTUm2PBUmnsQZPxXT8aJEhGBfCZyx7Vo9JysGQXcNHQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LJyJ3GYB9bE_XDyLxJOwAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-LJyJ3GYB9bE_XDyLxJOwAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH40_Dq7VsAis2XJ_FCADwxCC4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 218ms
55ms Script
application/javascript 185.162.95.70
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxi4xZeE1jE&cb=_callbacks____0ls21uvqr
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir12.imcmdb.net
Software: nginx /
Resource Hash: ea17abe8e2e195604a18d8ed101c1b7a7d70cababb1adb15e9072b720ec34c41

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:44 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 20:44:46 GMT
x-content-type-options: nosniff
age: 73918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 20:44:46 GMT

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 48 KB
15 KB 113ms
28ms Script
application/javascript 2600:9000:20e1:ce00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e1:ce00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 222ad281ccb208776191d939f265714ae18b1a47e852991ad2721018dfc409e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:13:51 GMT
content-encoding: gzip
via: 1.1 ad8435b5d8ce6330cfea09301a17c5b8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
age: 79373
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: egM-QqGDQWsBXTGD-KP8netQoORZSSUV0owKIXNP7Q-VByO4pq1qfw==

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
883 B 139ms
139ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGEyZDA5NWQ2LTljYjEtNGFmZi04NjY2LWQ3YTA2NjFjZjBmNRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzA2NzIxNDA0Mzk1GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDUzY2JkMzdmLTExOTAtNDkwNy1hOThkLWU3MTBmYWUzYmM2MxoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1706721404432
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Wed, 31 Jan 2024 17:16:44 GMT
Last-Modified: Wednesday, 31-Jan-2024 17:16:44 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 31 Jan 2024 17:16:44 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 162ms
54ms XHR
text/plain 185.162.95.70
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir12.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 31 Jan 2024 17:16:44 GMT
Server: nginx
Connection: keep-alive

GET
H2 204 72731 Show response
idx.liadm.com/idex/unknown/ 0
368 B 337ms
104ms XHR
text/plain 54.210.6.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&cd=.ntd.com&qf=0&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.6.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-6-32.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 2
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: 4164ddb3abfc4077
expires: Wed, 31 Jan 2024 18:16:44 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 54ms
54ms XHR
text/plain 185.162.95.70
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.162.95.70 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: sm-server1-1.smir12.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 31 Jan 2024 17:16:44 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
https://a.clickcertain.com/px/smart/a/?seg=a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&c=2455d1796b86efb
https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5

5 KB
2 KB

141ms
141ms

Script
text/javascript

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2454e37f5e1a4d36dd60d69966816562519f0cfe2429d3af47c8efe6c949622e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:45 GMT
content-encoding: br
x-frontend: cc-nginx-99567d858-7k64b:cc-nginx-99567d858-7k64b
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 217d223d-7142-4bcf-91f7-44bbb2d731e0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZyJDpyWzWuu0HL%2B9Xh3nRZtkcYWnIxKnqc2oq%2FX0eGxbsTOM8h9bXEr%2FPhXbtyATy%2BYHiCrfsvtQrIOkJAJc8DclRsLPRchodGFeuD30iaO7x9wGs4UqlYkao8K%2F8xyAezQ%2B05%2BMM3wT1kdoujiIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 84e39aad5c020b6e-AMS

Redirect headers

date: Wed, 31 Jan 2024 17:16:44 GMT
x-frontend: cc-nginx-99567d858-c7qg7:cc-nginx-99567d858-c7qg7
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 070f16fa-d3e0-4408-b303-51a44a0b51f5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weuZdShwSLom1gSkh1zq7tgFG3oSJoCDd%2F6pGzPeOTMBz%2BfndkGun021UpmFCX4BwkSjBwm13DlqKhIE2ZDbiFfa612vf5Zb9fGG9d9FY%2F9tTNFXxiHuMkD7rmHKGH2fTMCBYzmLju9TsFfX%2F6xkgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
cf-ray: 84e39aac5a750b6e-AMS

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1706721404634&se=e30&duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&tv=v2.12.0&pu=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insigh...
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&cd=.ntd.com&dtstmp=1706721404634&tv=v2.12.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for...

13 B
318 B

376ms
102ms

XHR
application/json

184.72.144.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&cd=.ntd.com&dtstmp=1706721404634&tv=v2.12.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&i6=MmEwMDoxNjMwOjI6NjA4Ojo5
Protocol: H2
Server: 184.72.144.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-144-85.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:45 GMT
x-pixel-event-id: f7bdd838-7012-4565-81b1-62cec7356ce4
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm&cd=.ntd.com&dtstmp=1706721404634&tv=v2.12.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&i6=MmEwMDoxNjMwOjI6NjA4Ojo5
access-control-allow-origin: https://www.ntd.com
date: Wed, 31 Jan 2024 17:16:44 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 ActaDeck-Medium.otf
cdn.epoch.cloud/assets/fonts/ 51 KB
51 KB 331ms
273ms Font
application/octet-stream 2606:4700:e6::ac40:ca07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Feb 2020 18:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e4d8523-ca40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE3b75pjHqKVe7I5P55d1NukveNonf4%2BIi0%2B3LPE4Cs4ivCcBS1YRtyLiGSggG8zdTLf7SloGSFXbT4AXWvh9oVJArHkSkmsRzh7U%2FPL81bMKe8I2YJzWvxeVk3gOvQz6DDtMmayxVE8rleidX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e39aab6db15c47-AMS
alt-svc: h3=":443"; ma=86400
content-length: 51776

GET
H2 200 RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ 123 KB
124 KB 86ms
28ms Font
application/octet-stream 2606:4700:e6::ac40:ca07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1977
alt-svc: h3=":443"; ma=86400
content-length: 126244
last-modified: Tue, 07 Jun 2022 20:08:09 GMT
server: cloudflare
etag: "629fb029-1ed24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO3fQi4zW56p23OL2IzYFO29DBq3VB9mTZ%2F3R5%2FlVp191cHMKFTi3olw%2FKZpqwMTm8PR7iphZpelQ4v1GkEq52SLNryAVTlI3izSlYUdiGCqmOhhcnwL7nYB5%2FwYJMPW%2Bp7GS6bnqlFtGiuxxq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84e39aab6db35c47-AMS

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...

42 B
351 B

173ms
173ms

Image
image/gif

35.164.26.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522eb48dd6a-bf4e-45e7-aea0-99ddca8e64ec%2522%257D&title=%E2%80%98A%20Crucial%20Message%20for%20All%20Human%20Beings%E2%80%99%3A%20Chinese%20Find%20Insight%20From%20Article%20by%20Founder%20of%20Falun%20Gong%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tdc=1
Protocol: H2
Server: 35.164.26.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-26-44.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Wed, 31 Jan 2024 17:16:45 GMT
server: nginx/1.20.1
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522eb48dd6a-bf4e-45e7-aea0-99ddca8e64ec%2522%257D&title=%E2%80%98A%20Crucial%20Message%20for%20All%20Human%20Beings%E2%80%99%3A%20Chinese%20Find%20Insight%20From%20Article%20by%20Founder%20of%20Falun%20Gong%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fa-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html&tdc=1
date: Wed, 31 Jan 2024 17:16:45 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: nginx/1.20.1
content-type: image/GIF

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame C057 2 KB
1 KB 125ms
124ms Document
text/html 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&cn=NL&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a0f682a9dfded19f040a82d46c580a6a9027820ddf13a500a1e63651a59f600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84e39aae4d170b6e-AMS
content-encoding: br
content-type: text/html
date: Wed, 31 Jan 2024 17:16:45 GMT
etag: W/"M2JhMzY1YjJnZDZlZWc0MjY5ZzlmNTNnNmYzYmQ2YzBhOWFkLXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZVx6ebkYU9VAApipT%2FXKUnDpztDtWbeOu%2F2PeQnLLfg7x2jgJj5XfQreJ5ZUrmf%2BydlUBUDC7DW%2BTsOppoprOuVB5FNPjnt%2FhGhvluYXYaI3nc9ya8NmjnVZseo3cYs6unPJKVqK5Ucyz2OxbHgLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-99567d858-7k64b:cc-nginx-99567d858-7k64b
x-requestid: e15dc44b-df09-4598-96eb-6f76f05b432a

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame C057
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=ae13c62a-6098-4772-b07d-595d10cf0424

0
334 B

140ms
140ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=ae13c62a-6098-4772-b07d-595d10cf0424
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&cn=NL&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:45 GMT
x-frontend: cc-nginx-99567d858-qg864:cc-nginx-99567d858-qg864
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 38723315-3f81-4e15-adbe-05db729e6f7f
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv5bTGcDRdoakK%2FpJ%2FFCDS%2FvOuk4NtswV3r24QYzQ9bLN0U4TwrWIcNtW5ZcQEazVoI3zIVPH%2Bg7F51osLtOU7eeunfvmez%2BXFQXPRf1kW1G6iuLejP4fnkkaErvKSgyYb8c4Spt2rJfOp86k0%2BuMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84e39ab098380b6e-AMS

Redirect headers

date: Wed, 31 Jan 2024 17:16:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=ae13c62a-6098-4772-b07d-595d10cf0424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame C057
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=b550cbd7-132c-567a-aedb-31db8f15e296&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d070f16fa%2dd3e0%2d4408%2db303%2d51a44a0b51f...
https://a.clickcertain.com/px/t/?done=true&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5&uid=874a0eed-81f1-467b-80bf-f3366957b83e&hem=

0
292 B

135ms
135ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5&uid=874a0eed-81f1-467b-80bf-f3366957b83e&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&cn=NL&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:45 GMT
x-frontend: cc-nginx-99567d858-7k64b:cc-nginx-99567d858-7k64b
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 5b59c72d-7dc1-4747-952f-0f7642aeea1e
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkOAoh43ZQ29lJ%2FmujFTiQyNFQ2JWK5t7GyFLPZcMjqplo72R0YM3COgBZxwIQU65Y3hCT9yGxsQiY0J%2FkVZBKd9q1MMJUyrjlitQTml7ASEBeNxZ59yLq1CjtZTzXJLsGKGem01jk6xXaATC06jbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84e39ab28aa30b6e-AMS

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5&uid=874a0eed-81f1-467b-80bf-f3366957b83e&hem=
date: Wed, 31 Jan 2024 17:16:45 GMT
server: awselb/2.0
content-length: 164
content-type: text/html; charset=utf-8

GET
H2 200 ldc.js Show response
tag.trovo-tag.com/ Frame C057 1 KB
1 KB 167ms
49ms Script
application/javascript 2600:9000:26da:fa00:e:291c:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&cn=NL&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:fa00:e:291c:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 17:16:45 GMT
via: 1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache
content-length: 1164
x-amz-cf-id: 3jIZIf9YJcP5dPVJXQuYwgyvptD8dapUTTWRaGQkQeF0qzji8tOytQ==

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame C057
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

32ms
32ms

Image
text/plain

34.247.62.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad&cn=NL&rid=070f16fa-d3e0-4408-b303-51a44a0b51f5

Protocol

HTTP/1.1

Server

34.247.62.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-62-134.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Wed, 31 Jan 2024 17:16:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET /
a.clickcertain.com/px/r/ Frame C057 0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4935 52 KB
17 KB 66ms
17ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 42585
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 31 Jan 2024 17:16:46 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2553, 332733
X-Served-By: cache-lga13626-LGA, cache-ams21067-AMS
X-Timer: S1706721406.096269,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4EDC 52 KB
17 KB 68ms
17ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 42585
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 31 Jan 2024 17:16:46 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2553, 324113
X-Served-By: cache-lga13626-LGA, cache-ams21076-AMS
X-Timer: S1706721406.098994,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame A332 0
0 24ms
24ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1706721403815

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 894A 3 KB
2 KB 66ms
24ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 187
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 84e39ab41d23286a-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 17:16:46 GMT
expires: Wed, 31 Jan 2024 21:16:46 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 514F 281 B
555 B 83ms
23ms Document
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 17:16:46 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 785A 3 KB
1 KB 66ms
26ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 187
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 84e39ab41d28286a-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 17:16:46 GMT
expires: Wed, 31 Jan 2024 21:16:46 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 1B81 0
0 24ms
24ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1706721403815

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 514F 39 KB
11 KB 24ms
23ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b31375c972d57d3197eb4f7d8b990dd0b051a144139dd65cdb214ae389388b13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 17:16:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Jan 2024 11:21:46 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=64995
Connection: keep-alive
Content-Length: 10921
Expires: Thu, 01 Feb 2024 11:20:01 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 4935
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
970 B

17ms
17ms

Script
text/html

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:46 GMT
an-x-request-uuid: 60c35135-fd84-43bd-a8ca-a0e476014cca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:46 GMT
an-x-request-uuid: e1e57415-b0a7-4437-a0bf-bff87bfc6fa3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 4EDC
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
970 B

51ms
51ms

Script
text/html

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:46 GMT
an-x-request-uuid: 136dd4f8-53e3-4bae-8e28-372bb1191a2a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Jan 2024 17:16:46 GMT
an-x-request-uuid: 9a39e687-1a4b-462c-ab3e-26a81eea711e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 514F 7 B
380 B 115ms
26ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain: a.clickcertain.com
URL: https://a.clickcertain.com/px/r/?ccid=3ba365b2-d6ee-4269-9f53-6f3bd6c0a9ad

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 03:41:21	Name: lidid Value: 4e708bc9-d6b9-40f2-928e-8bdabaee18b2
tnews.day/	1970-01-20 18:48:33	Name: prli_click_8345 Value: A-prime-message-for-all-human-beings
tnews.day/	1970-01-21 02:50:57	Name: prli_visitor Value: 65ba80795d2d7
.ntd.com/	1970-01-21 03:41:21	Name: pw_cid Value: 813459c0-c05c-11ee-b41f-6741053d5904
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vHJ9_JQYyNE
.youtube.com/	1970-01-20 22:24:33	Name: VISITOR_INFO1_LIVE Value: qpuAbsM3WC8
.ntd.com/	1970-01-21 03:41:21	Name: _ga_2BRDBGYLL0 Value: GS1.1.1706721403.1.0.1706721403.60.0.0
.ntd.com/	1970-01-21 03:41:21	Name: _ga Value: GA1.1.1221401933.1706721403
.ntd.com/	1970-01-21 02:50:57	Name: mp_lib Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d6085e362bfa-057af2087eb658-6b305750-1d4c00-18d6085e362bfa%22%2C%22%24device_id%22%3A%20%2218d6085e362bfa-057af2087eb658-6b305750-1d4c00-18d6085e362bfa%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.adnxs.com/	1970-01-21 03:41:21	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 02:50:57	Name: khaos Value: LS21UVF7-1U-9L5V
.rubiconproject.com/	1970-01-21 02:50:57	Name: audit Value: 1\|naVuGyos1qrwoGx42y2U+efhqFI7AU9Uad321cYfjPKlQO4GhT73jX+K0a3sPpz4256dQHZRyj3z8yenK/o+fxEiWVDBisffxMlTS3QW8QAijy0RC4Zd8dAPlTu0R9RN
.mixi.media/	1970-01-20 20:29:21	Name: nid Value: ads5-3ssel52
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85137\|ZbqAf
.stat.media/	1970-01-21 02:50:57	Name: _sm_uid Value: a2d095d6-9cb1-4aff-8666-d7a0661cf0f5
.stat.media/	1970-01-21 02:50:57	Name: _sm_udt Value: 1706721404395
.stat.media/	1970-01-20 18:05:23	Name: _sm_sid Value: 53cbd37f-1190-4907-a98d-e710fae3bc63
.stat.media/	1970-01-20 18:48:33	Name: _sm_cm Value: 32
.ntd.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ntd.com
.ntd.com/	1970-01-21 03:41:21	Name: _lc2_fpi Value: 33df6995a8cd--01hng8bsk0qk8fm8561a58cwgm
.ntd.com/	1970-01-21 03:41:21	Name: _lc2_fpi_meta Value: {%22w%22:1706721404512}
.mixi.media/	1970-01-21 02:50:57	Name: _sm_uid Value: a2d095d6-9cb1-4aff-8666-d7a0661cf0f5
.mixi.media/	1970-01-21 02:50:57	Name: _sm_udt Value: 1706721404395
.mixi.media/	1970-01-20 18:05:23	Name: _sm_sid Value: 53cbd37f-1190-4907-a98d-e710fae3bc63
www.ntd.com/	1970-01-20 22:24:33	Name: _geuid Value: eb48dd6a-bf4e-45e7-aea0-99ddca8e64ec
www.ntd.com/	1970-01-20 22:24:33	Name: _geps Value: true
.liadm.com/	1970-01-21 03:41:21	Name: lidid Value: 4e708bc9-d6b9-40f2-928e-8bdabaee18b2
a.clickcertain.com/	1970-01-21 02:50:57	Name: _ccpx_u Value: 3ba365b2%2dd6ee%2d4269%2d9f53%2d6f3bd6c0a9ad
a.clickcertain.com/	1970-01-21 02:50:57	Name: _ccpx Value: 2455d1796b86efb
a.clickcertain.com/	1970-01-21 02:50:57	Name: _ccpx_2455d1796b86efb Value: 1
.bidr.io/	1970-01-21 03:33:51	Name: bito Value: AAJuIU7LdQEAABbDTfiLDg
.bidr.io/	1970-01-21 03:33:51	Name: bitoIsSecure Value: ok
.alocdn.com/	1970-01-21 02:50:57	Name: uuid Value: 2da2bfc5-2b66-49fe-9abb-d08d6bba256a
.tapad.com/	1970-01-20 19:31:45	Name: TapAd_TS Value: 1706721405490
.tapad.com/	1970-01-20 19:31:45	Name: TapAd_DID Value: ae13c62a-6098-4772-b07d-595d10cf0424
.tapad.com/	1970-01-20 19:31:45	Name: TapAd_3WAY_SYNCS Value:
.a.usbrowserspeed.com/	1970-01-21 02:50:57	Name: tuid Value: 874a0eed-81f1-467b-80bf-f3366957b83e
.adnxs.com/	1970-01-20 20:14:57	Name: XANDR_PANID Value: VnysHsnWzG6FVk2RAcfwQFjT9mAKJTxBdjrIbn368T6CP2Ew5zVbUsxoTLS8FuGYg_8FAMvATFabrPw801YaaKQFynjj3IugjOY6189k9o0.
.adnxs.com/	1970-01-20 20:14:57	Name: uuid2 Value: 5367612106540160968

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.ntd.com/a-crucial-message-for-all-human-beings-chinese-find-insight-from-article-by-founder-of-falun-gong_897697.html Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
aax.amazon-adsystem.com
acdn.adnxs.com
b-code.liadm.com
c.amazon-adsystem.com
cdn.epoch.cloud
config.aps.amazon-adsystem.com
ea.epochbase.com
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
htlb.casalemedia.com
i.ntd.com
ib.adnxs.com
idx.liadm.com
js-sec.indexww.com
match.prod.bidr.io
mixi.media
mixproxy.epoch.cloud
onetag-sys.com
p.alocdn.com
pixel.tapad.com
prebid-match.dotomi.com
prebid.adnxs.com
pwe.epochbase.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s3-us-west-2.amazonaws.com
sc.youmaker.com
securepubads.g.doubleclick.net
stat.media
stat.mixi.media
static.mixi.media
static2.mixi.media
static5.mixi.media
static6.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.epochbase.com
sync.go.sonobi.com
tag.trovo-tag.com
tnews.day
token.rubiconproject.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youtube.com
a.clickcertain.com
prebid.adnxs.com
104.18.36.155
104.18.38.76
108.138.32.75
136.243.66.182
151.101.193.108
18.173.191.32
184.72.144.85
185.162.95.70
185.89.208.11
185.89.210.46
2.19.11.133
2001:4860:4802:34::36
23.218.210.30
2600:1f18:730:b150:4519:67ab:1ad0:9849
2600:9000:20e1:ce00:8:8845:1500:93a1
2600:9000:26da:fa00:e:291c:8fc0:93a1
2602:803:c003:200::51
2606:4700:20::681a:27a
2606:4700:20::681a:932
2606:4700::6812:181e
2606:4700:e6::ac40:ca07
2606:4700:e6::ac40:cb07
2607:f350:3:2569:0:10:0:c
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a02:fa8:8806:13::1370
2a06:98c1:3121::3
3.219.108.161
34.107.251.162
34.110.129.224
34.111.113.62
34.120.97.157
34.247.62.134
35.164.26.44
4.7.168.74
51.75.86.98
52.218.153.120
52.84.174.60
54.191.105.118
54.210.6.32
69.173.144.138
007ad0e05b52ceb6b842c38f085d0d6c6e88dc59a8553c97e9a33c8d598e167d
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
030d1ff920f35bc6d1d2bc2d6990e2f6f22351799e8ba027879f9901689554e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0936c5c9a81e22635143fda4ba88273a67759ee800878b2ba8ce42f9c381f62e
0e8216f7cee1c7a430b077dc7d1265c411fce4ce5875e6787a1a94a8ca000309
15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d
163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39
1744de03c297908b7c72489f535271d32f6268760dd7e7e5eb4782a93bc8f825
17ae8b5fdd72ddf8599628a25825d3debd308262f4695f781090a51c40ed5a8c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fe533b8523d434f5e40fb9df9462b670f21282755982e1b8554b8de79fc7b76
203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
222ad281ccb208776191d939f265714ae18b1a47e852991ad2721018dfc409e2
2454e37f5e1a4d36dd60d69966816562519f0cfe2429d3af47c8efe6c949622e
25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0
276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4
27de955ad2dc0e5b9ee993ec6dd504eb4b1d1b3fd4e928811ad06adf1e08517d
28f2e79f178f3dd23138d9b66b8fe0391b5a144300fb8a6784f11b923008397c
2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744
2d47e2977636a54c72aabdd3ba0d57b23c7ab52b22b300372ce9d2a753caa85e
300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a
3051a90084894b6f43440c9501c73d59926c72f9fd05fd67c5bb9ba3771e74be
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
32047f50e34d3e948499d645f88d14cdfeb533b44860a8eab816e64330f4db44
349a18fd5e2323a3e492671e5c3052de952e8c3ae599a3575037a5a38255e93e
372cc065e28ed8d19c56bf125f4cd7690980a5e5aba5e6794ca037d9ab92dc81
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
3a0f682a9dfded19f040a82d46c580a6a9027820ddf13a500a1e63651a59f600
3a0f68318231392bf4d7b979fd7e58bb6f1a21e8bd7949afe30dc02438bb1ab5
3acb255cac21f9104061a499e4e19b334675e6e03ee45433a2c3f781b2ac2b90
3ae28b89ed960eddf42f0f3b3b385316516261f125d7cf72bc017f1de285ad80
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c9188860229e5cc561edacc2d2428b85d0e12bc102f3568fca5f572c70346be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de523e97a88472a3647697b04dc64876c12b073e3a0f281ab7f42cdc7d3a8f7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f
3fbe255fad6ee127e9b23edf8a28bc748ff5ae9818bea990551ed3f29c2e5571
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d
42da0f92249021c3a55541ef03f9a47907c76a8903f60093b521ae231f86d817
46bb48b07c4889dd66816975b21842973900a4d9efc848c98d55622d797686e2
46ce58fe5c3f26bc8d99bde76c9b990cf14c34b5e93b53044d52f1abc0d86cfe
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c
4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
4c4fb27c2d0bf96aad8bb2c15ccf820bc54e256c96fe1cceaead9aadf06d40f0
4f9f9970363208bf361c0799b7ce11af8208eea9b1bab0b030c40803f4bdf386
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5605ada359e0952e9d6f08c7507cc1d2173fc86bc9824b2886fb5f54f06fbb0e
586f659586473e9b365b83e8d4472465ff3c406e98fb7c0812aa633f1b75d683
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
600bd97141302471752974ad3da4fcc6e336575674928418b15482bb9cc3eee5
60f144249af8ea4133d488adbe4aee126575141b21e63c5ee5242a5a19c1855b
624f897565301dfadf2dc5f82b316a38978803afddd43192f77249eec041d13d
641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bedf519e70e6c9c28f6cbe85ab9d3bde27c54831d3b1eaf1c0c08d5d83a12a3
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
780a0e8440d24f4505731e17905d4b31f0f2008a36c081fc02877cd8afc90a13
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a95e7a86ef563a232f04572655e558bf6870dd8b5b7600f76bb744b38430796
7ba241a9f560ed19ea6cf9b763bd7c1a2120d7b13f0387f758f96138d19e7942
7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83aa861b967ddd9f6c635c8251363ef9e92e879b8ba5ef99fb4bc99f26113f2b
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bb483d64bb6143fd469cc1b8a111aa9da2f7a50474e9e4ba1eb0b15df6fd44b
8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92819ee7675ce02782f977f40b764a5f81e60e1adcf8204ff6ba4448ea54dd9c
92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d
92afa134a96be4e90c9cd070737d84092d67f1340152a9c80ee4ee505ba968c5
952ed5d34d71ad32b79b34e662884688dafff050260234610cfae209338a0c9a
95592d82a95024026b81d400ce04a7e9e52eaecae3ebd7fbfde51a8820d9595e
95f7f3f48596b1ddc2d2c42aad3b75b0b8535866f32ccceaef5834419632ff72
994a48fc6cda18d6beb9833fa71d419e356b1b92bfac460c3a5e8fa3f72f6425
9bd18c9f84d9cdb5baf7499dc8d464f29d12c496e62e39350cb8c8f70a28cafc
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a
9f0554ed785fdc547a0d15afd6599f5af080cd2dcb5b9044ab3fb575477d3f65
a28855ba32c69182bba018fec0bc991f4ec03d23ac9a86045e4bf9625d48edfb
a40c7ba1a5bc21e5988926321f6751094781341f6341b1f6491ea8da0bbb5ecb
a633036a28411376106f11213702d2c1fbffe12d29dd9fbf3c948f9bbcc26b94
a6de355eccfa973ac4534a3907eab52b0404a94f4b232997fe48df199a511461
a7abd06711dfc0c45061b3a7594c708cc04d8ce315e40fccb7b6b910221b4df8
aacae8aaa403f5250d083752778216820711a5edfa9203c490ed5afd99d1a4aa
ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1208321ffe4b0d1126af28acd6b19f28e2ea0e11681369cc43b6d54e5b46b31
b31375c972d57d3197eb4f7d8b990dd0b051a144139dd65cdb214ae389388b13
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b48c9bae88b131f13bfc887d29eab2624cbc76b9f52ee4dbfa526bdea4f3ca3a
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f
bc37bd6883e3bbcf1b76b14b001979bf07fd23f4f3b086480aa936ea069f824b
bcf54544f62d9d0e97b9b8a26d424db4f4b98fc4850307978e152990912b1ba0
bd6300f1f21239bf3271aee546312c3e39445499f4af6166f0dd92e344277675
c2abca414624719957b07f1806a877e02acad60ed4313a7ad0d8190b3e48681b
c329933b45a665763f3fb0e24e79c2b08b99721c103788d5da7f80e57c2b3f87
c6fddd8301d32165dd2a28e977c349c59d648dafce7ead0b52743e735a3cd054
c7de7f71ff6321b0e877c640db71837d14106546936ee39603f8d8fe006e1b82
c8b6b93af3505c579bdc917f1663989a94c92f64b7859d017cec5b6686ef50be
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
d2951eafa26a407dcfe41882deeb7b680df8505f384bbabbe2197446e90d3958
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
d531fa8daaca8f5072568bf15fec5c140428fec7078d1cb5d4110c06d44eea1e
d5fa5a1f4fb7b2ac5071a2f12b0d3615048df32a5686cc1d32610a79d5ff5a29
d74d332e3ab7d3e53b77f189412609641bfbfe80e04f7c67f98b48a78807f71a
d7f42e31641570b9546b265c0026140c3fc1da01c3393146847c9482a206537c
d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4
d9aa89c37681cecc9721fcf4e8e4f07df2d0bb89b3475ca2153f1480f62da89a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8595d4c6e0bd33129c56a7d081de2e5cf93687b14ccf24ca27d8dabe35b6390
e9d3d7e6cb9ff6ef4db59515e3f42573f7be7106a6b84e226da79f4413224d78
ea17abe8e2e195604a18d8ed101c1b7a7d70cababb1adb15e9072b720ec34c41
ea3ae6930150fa98882faa7bb190c646f8f825bccdef2381c798970cb7d9ead2
ed3fc82f43315e8156f2d2dc3d120b215b8d43fef37c9c87248b5564d21c7665
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f185d5e1f3ff326d44c1783d5761c23581a6e541c33a28115b266fc2aa4ebd8a
fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d
fe42b20d8fb9877e0fff2aed972e9c1b61d848bee536e1da23ff014f54e83412
fed1a2fe9817c538dff36c908a9d69ab360d6dd5036b4a73556248b1cd27bea3

www.ntd.com Open in urlscan Pro 2606:4700::6812:181e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

93 %HTTPS

47 %IPv6

33 Domains

57 Subdomains

45 IPs

9 Countries

4860 kBTransfer

9403 kBSize

39 Cookies

16 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
2606:4700::6812:181e Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

93 %
HTTPS

47 %
IPv6

33
Domains

57
Subdomains

45
IPs

9
Countries

4860 kB
Transfer

9403 kB
Size

39
Cookies

163 HTTP transactions
6 data transactions