Submitted URL: https://tnews.to/china-cyber-spying-us
Effective URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Submission: On February 07 via manual from IN — Scanned from DE

Summary

This website contacted 74 IPs in 12 countries across 59 domains to perform 330 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to HIGHWINDS3, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 483867.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2021. Valid for: a year.
This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
41 151.139.128.11 20446 (HIGHWINDS3)
7 52.222.210.175 16509 (AMAZON-02)
10 35.244.243.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
1 3 13.32.99.105 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.139.65 16509 (AMAZON-02)
4 184.30.24.22 16625 (AKAMAI-AS)
1 34.120.97.157 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
32 104.121.183.2 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
11 34.120.33.89 15169 (GOOGLE)
7 3.34.87.37 16509 (AMAZON-02)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
7 34.107.136.65 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 142.250.185.98 15169 (GOOGLE)
12 136.243.66.182 24940 (HETZNER-AS)
5 37.252.161.190 29990 (ASN-APPNEX)
4 2602:803:c003... 26667 (RUBICONPR...)
4 54.72.144.172 16509 (AMAZON-02)
4 23.37.38.181 16625 (AKAMAI-AS)
4 52.28.203.152 16509 (AMAZON-02)
8 104.16.190.66 13335 (CLOUDFLAR...)
12 37.252.172.37 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 185.162.95.67 41722 (MIRAN-AS ...)
5 2.18.233.180 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 198.47.127.19 62713 (AS-PUBMATIC)
3 52.79.156.248 16509 (AMAZON-02)
2 4 121.53.104.194 38099 (KAKAO-AS-...)
7 12 172.217.16.130 15169 (GOOGLE)
2 3.39.1.125 16509 (AMAZON-02)
5 35.244.159.8 15169 (GOOGLE)
1 178.162.133.149 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 151.101.65.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
8 32 2.18.234.21 16625 (AKAMAI-AS)
5 15.197.193.217 16509 (AMAZON-02)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 1 185.29.134.244 30419 (MEDIAMATH...)
4 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 2 151.101.66.49 54113 (FASTLY)
4 8 209.54.176.128 16509 (AMAZON-02)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 35.171.214.154 14618 (AMAZON-AES)
1 1 185.183.112.148 60350 (VP)
1 37.157.6.247 198622 (ADFORM)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 51.178.20.140 16276 (OVH)
1 2 52.30.140.199 16509 (AMAZON-02)
1 54.71.47.92 16509 (AMAZON-02)
1 34.230.197.238 14618 (AMAZON-AES)
1 18.156.0.31 16509 (AMAZON-02)
1 169.197.150.7 398989 (DEEPINTENT)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 54.174.249.39 14618 (AMAZON-AES)
1 52.92.132.72 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.18.126.50 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
4 44.239.88.222 ()
1 2 35.83.79.238 ()
2 2 35.227.248.159 ()
330 74
Apex Domain
Subdomains
Transfer
44 dable.io
static.dable.io — Cisco Umbrella Rank: 16741
api.dable.io — Cisco Umbrella Rank: 16013
r-log.dable.io — Cisco Umbrella Rank: 18569
adx.dable.io — Cisco Umbrella Rank: 13782
images.dable.io — Cisco Umbrella Rank: 19613
242 KB
41 ntd.com
www.ntd.com — Cisco Umbrella Rank: 483867
img.ntd.com — Cisco Umbrella Rank: 580114
2 MB
28 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
30 KB
22 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
140 KB
22 youmaker.com
subs.youmaker.com — Cisco Umbrella Rank: 48678
sc.youmaker.com — Cisco Umbrella Rank: 51026
comment.youmaker.com — Cisco Umbrella Rank: 50923
881 KB
21 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1759
ib.adnxs.com — Cisco Umbrella Rank: 241
acdn.adnxs.com — Cisco Umbrella Rank: 565
82 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
47 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
17 KB
12 googlesyndication.com
b8cfce07ceebccf136880fa713960b80.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
958 KB
12 mixi.media
mixi.media — Cisco Umbrella Rank: 45090
static.mixi.media — Cisco Umbrella Rank: 81687
target.mixi.media — Cisco Umbrella Rank: 54295
static4.mixi.media — Cisco Umbrella Rank: 96671
static7.mixi.media — Cisco Umbrella Rank: 77915
static8.mixi.media — Cisco Umbrella Rank: 95097
323 KB
11 media.net
hbx.media.net — Cisco Umbrella Rank: 1535
contextual.media.net — Cisco Umbrella Rank: 516
xch.media.net — Cisco Umbrella Rank: 48361
c21lg-d.media.net — Cisco Umbrella Rank: 1817
136 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
379 KB
8 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 556
static.adsafeprotected.com — Cisco Umbrella Rank: 533
dt.adsafeprotected.com
95 KB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
8 KB
8 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1407
cdn.districtm.io — Cisco Umbrella Rank: 2067
388 B
8 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
ads.yahoo.com — Cisco Umbrella Rank: 913
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
3 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
23 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
62 KB
5 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3750
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
5 openx.net
u.openx.net — Cisco Umbrella Rank: 710
317 B
4 stat.media
stat.media — Cisco Umbrella Rank: 20469
29 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
1 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
102 KB
3 chargebee.com
js.chargebee.com — Cisco Umbrella Rank: 23847
68 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
2 KB
2 tapad.com
pixel.tapad.com
909 B
2 alocdn.com
p.alocdn.com
977 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
563 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
850 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
633 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
35 KB
2 kakao.com
act.ds.kakao.com — Cisco Umbrella Rank: 23704
986 B
2 daum.net
analytics.ad.daum.net — Cisco Umbrella Rank: 21992
1 KB
2 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2660
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
290 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 36771
682 B
1 amazonaws.com
s3-us-west-2.amazonaws.com
26 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 969
99 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 921
44 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1929
261 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
331 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1611
307 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2192
232 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
777 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
299 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
656 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
509 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
376 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 537
459 B
1 t.co
t.co — Cisco Umbrella Rank: 487
338 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 630
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
32 KB
1 tnews.to
tnews.to
922 B
330 59
Domain Requested by
26 images.dable.io api.dable.io
static.dable.io
22 www.ntd.com www.ntd.com
19 img.ntd.com www.ntd.com
15 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
um2.eqads.com
12 cm.g.doubleclick.net 7 redirects www.ntd.com
ssum-sec.casalemedia.com
12 ib.adnxs.com www.ntd.com
acdn.adnxs.com
11 comment.youmaker.com www.ntd.com
comment.youmaker.com
10 subs.youmaker.com www.ntd.com
subs.youmaker.com
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.ntd.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
8 js-sec.indexww.com www.ntd.com
ssum-sec.casalemedia.com
7 xch.media.net www.ntd.com
7 api.dable.io static.dable.io
ajax.googleapis.com
7 c.amazon-adsystem.com www.ntd.com
c.amazon-adsystem.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 static.dable.io www.ntd.com
api.dable.io
5 a.clickcertain.com 2 redirects a.remarketstats.com
a.clickcertain.com
5 match.adsrvr.org www.ntd.com
ssum-sec.casalemedia.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 u.openx.net www.ntd.com
5 ads.pubmatic.com www.ntd.com
5 prebid.adnxs.com www.ntd.com
5 www.google.com www.ntd.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
5 fonts.gstatic.com www.ntd.com
www.google.com
fonts.googleapis.com
4 dt.adsafeprotected.com
4 pixel.rubiconproject.com www.ntd.com
4 cdn.districtm.io www.ntd.com
4 acdn.adnxs.com www.ntd.com
4 stat.media mixi.media
stat.media
4 dmx.districtm.io www.ntd.com
4 c2shb.ssp.yahoo.com www.ntd.com
4 htlb.casalemedia.com www.ntd.com
4 g2.gumgum.com www.ntd.com
4 fastlane.rubiconproject.com www.ntd.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 token.rubiconproject.com 3 redirects
3 r-log.dable.io static.dable.io
3 static4.mixi.media www.ntd.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 mixi.media www.ntd.com
static.mixi.media
3 www.googletagservices.com hbx.media.net
securepubads.g.doubleclick.net
3 js.chargebee.com subs.youmaker.com
js.chargebee.com
3 sb.scorecardresearch.com 1 redirects www.ntd.com
2 pixel.tapad.com 2 redirects
2 p.alocdn.com 1 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
www.ntd.com
2 pixel.adsafeprotected.com static.dable.io
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 eus.rubiconproject.com www.ntd.com
eus.rubiconproject.com
2 adx.dable.io www.ntd.com
2 act.ds.kakao.com www.ntd.com
2 analytics.ad.daum.net 2 redirects
2 static7.mixi.media www.ntd.com
2 static.mixi.media mixi.media
www.ntd.com
2 hbx.media.net www.ntd.com
hbx.media.net
2 www.google-analytics.com www.ntd.com
www.google-analytics.com
1 c21lg-d.media.net hbx.media.net
1 a.remarketstats.com 1 redirects
1 s3-us-west-2.amazonaws.com www.ntd.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 match.deepintent.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 c1.adform.net ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 nep.advangelists.com 1 redirects
1 p.rfihub.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 id.rlcdn.com www.ntd.com
1 ads.yahoo.com www.ntd.com
1 sync.mathtag.com 1 redirects
1 ajax.googleapis.com api.dable.io
1 fonts.googleapis.com api.dable.io
1 sync.go.sonobi.com www.ntd.com
1 static8.mixi.media www.ntd.com
1 image6.pubmatic.com ads.pubmatic.com
1 target.mixi.media www.ntd.com
1 prebid-match.dotomi.com www.ntd.com
1 b8cfce07ceebccf136880fa713960b80.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 contextual.media.net hbx.media.net
1 gum.criteo.com hbx.media.net
1 analytics.twitter.com static.ads-twitter.com
1 sc.youmaker.com www.ntd.com
1 www.google.de www.ntd.com
1 stats.g.doubleclick.net www.google-analytics.com
1 t.co www.ntd.com
1 static.ads-twitter.com www.ntd.com
1 www.googletagmanager.com www.ntd.com
1 tnews.to 1 redirects
330 99
Subject Issuer Validity Valid
*.ntd.com
Sectigo RSA Domain Validation Secure Server CA
2021-08-11 -
2022-09-11
a year crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2022-06-01
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2022-01-06 -
2023-01-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
www.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
www.google.de
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
js.chargebee.com
Amazon
2021-05-13 -
2022-06-11
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2021-04-12 -
2022-04-20
a year crt.sh
*.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-06 -
2023-01-05
a year crt.sh
static.dable.io
R3
2021-12-28 -
2022-03-28
3 months crt.sh
*.dable.io
Amazon
2021-07-11 -
2022-08-09
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
mixi.media
R3
2021-12-15 -
2022-03-15
3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1
2020-03-29 -
2022-03-29
2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.gumgum.com
Amazon
2021-06-05 -
2022-07-04
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-14 -
2022-04-06
6 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3
2021-06-02 -
2022-06-01
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.google.de
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
static.mixi.media
R3
2021-11-30 -
2022-02-28
3 months crt.sh
stat.media
R3
2021-11-29 -
2022-02-27
3 months crt.sh
target.mixi.media
R3
2021-12-15 -
2022-03-15
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.knorex.com
Amazon
2021-08-26 -
2022-09-24
a year crt.sh
adentifi.com
Amazon
2021-09-04 -
2022-10-03
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-11 -
2022-07-06
6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-18 -
2022-07-13
6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
um3.eqads.com
Amazon
2021-06-26 -
2022-07-25
a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon
2021-12-17 -
2022-11-29
a year crt.sh
fw.adsafeprotected.com
Amazon
2021-08-11 -
2022-09-09
a year crt.sh
static.adsafeprotected.com
Amazon
2021-09-05 -
2022-10-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-11-19 -
2022-12-18
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-19 -
2022-06-18
a year crt.sh

This page contains 41 frames:

Primary Page: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Frame ID: F9BB849DA5A6C727ABF9386FD30E94D2
Requests: 172 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Frame ID: 727554AA94D3616C2AFF0B0AC50B7F66
Requests: 7 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
Frame ID: A5A0BD2E5E0F45B469126D2C8D0B5703
Requests: 2 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Frame ID: 6833FDA5C32C9A86C33BDFCF9141FBF8
Requests: 7 HTTP requests in this frame

Frame: https://b8cfce07ceebccf136880fa713960b80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F2FB0175596649041D1846CC97CD4DD9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Frame ID: 8B5C77A9F48E79B51F81E916211CCF57
Requests: 2 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Frame ID: AA700162707F294438B97DB6BDE28013
Requests: 37 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 4DC4576C7945827093F00B00A0A8C5CC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyvOkRiPx20TXVYdsXOPFzXM5zeXPaNTVrJX5tPFFwfZC2IwM204N7kpuM9zCKaM8on5hS9kXBqyDKynnc_E_RHOtR-xkQ7jFSv1XhWPYrwgPq9FMNLv0rZ4KBeqW4wkbMMsqI0ZZsQYxhWoGAyP4X-OtuqdkDSaKQVRTC8YfTg8LATE1Puwg2SzWRwJVyOc_x2nECRPZKQF7O-a2YJ97XOwHAgOJsiBTcAKx1wIXGYG6H7ZueO6OwNt-RmajosrmQb7SA2Zr9-zsqxBbFrclmVHBA7KezMYyZG2ZjgK8HnwJ65zPhO_APbg-FEYr05RUV9x0OwplwJEjpac7kTiGekZVIp1M&sig=Cg0ArKJSzN9RvQJQz4wIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7DA8C0B7C678ED687C134538793E4CA5
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHdvKFOMZsOjT4T-txWcoN0fRuqSS475ukxrmAmCLr84_n4MBW8Y1fyUW6OpyhjZZYWQs1eSUDzvVVx_CZpG7BIzIIjQ0dBX8JwXxnN2joReaQA9ME6MmHr-5OLK9v5Iy_4x9RAkDOxzSGxScGDrbkQJcIfjN4BfWA_6nopSq6ArXHk9-RWtnXcEdqDgG7qFaKatAcVFrW-bKd9wrxaGY9jamT4MiD3TVc3OhfZRV4ePzXnxpXHDxB3XxHudus1DP_6v4_B3WiLADDW1rarBViuRkg7DxWJI98uMPeyW17QRUmrkd7xsyo2qbjFD6wkc4tDAgn4W4EKjqkBFI&sig=Cg0ArKJSzP_8GKBbGTxjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 132D4A54D4D6349552AF33B48142D1C7
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D689EA2CF81D37E5FFD318255B2BC167
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8F407BBC841830BEE70F82F954CDBDB7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6F34E5048412E7A4B2A1E18B69D4CFAF
Requests: 10 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 3F9B813FAD1B65A5E26EC2AC48E3DFA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AB56C003A531FC7598CFE61F1B06A66D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E7FEEE77EBB71EF828F9841AC8B8203D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 885B8CC69FE9AFD29D31675C1F064641
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7CBC54580DA2B03F0AC37197A983521A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 13FF7841BA710B87A5EF997AE5DFE8BF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 645666BBDBB3B7FC81DE1FB5A8EAF535
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 20BFF672AB6153165BD2D829D956B7E5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C22E4890B41B163FCDDDAEE5B4CF244E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BACE10406A16A24384B9C44EAC67524E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 80A445C655BA098971D90F7438C0A8FF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5167CEA2A7D069C528F57911A644F7D9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 2221C15396267AC9D75D10BB234B8E43
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1C38100FE491B752FA6265CEBF503753
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 63C37B09515B412AF1B9F41BC85C5B45
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 15F3D3F6B13FF2DB6B8C215F5BB08316
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8ABC8115E1AE9823F5199E996F59CA1B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 72633018C29FC840EF7E8B3A0A7E37D5
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4049C14B97DE8608E690A194C6D5C166
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A7D9BF210E9C4DE5E20A7BBBC8B316EC
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 699663E12C801FDE1E0D022D75B896A4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 675FDF6DD019090EC2D7427154C5E642
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: F5A4109A7E45B2BBE016E890AC899103
Requests: 2 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=3018%2C3015%2C97%2C77%2C188%2C3008%2C208%2C255%2C109%2C117%2C3014%2C2026%2C159%2C3012%2C222%2C201%2C203%2C273%2C2027%2C225%2C229%2C2030%2C2033%2C214%2C59%2C184%2C141%2C3007%2C3%2C2034%2C178%2C80%2C251%2C186%2C246%2C226%2C108%2C193%2C157%2C3017%2C3016%2C126%2C175&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 0025E887273C4096D23B07AC7A9D1DC9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CB3A9BC1DF5E870ED279B9F95E0A2B7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E51B0AAABB5597EF54FB4DAE4A91BDF4
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B0F48E95C67A5608568CB800522FDD94
Requests: 1 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&cn=DE
Frame ID: A65A1B029B49BCE751A7174F07CC7B40
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Critical Entities Targeted in Suspected Chinese Cyber Spying

Page URL History Show full URLs

  1. https://tnews.to/china-cyber-spying-us HTTP 307
    https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • js\.chargebee\.com/v([\d.]+)

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

330
Requests

91 %
HTTPS

31 %
IPv6

59
Domains

99
Subdomains

74
IPs

12
Countries

6049 kB
Transfer

9318 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tnews.to/china-cyber-spying-us HTTP 307
    https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1644234255039&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1644234255039&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9=
Request Chain 158
  • https://analytics.ad.daum.net/match?d=111&uid=69007821.1644234255980 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://adx.dable.io/pixel/google?google_gid=CAESEDWSdnbr6jw5ELLlURB9HvQ&google_cver=1
Request Chain 244
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 245
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 246
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 247
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 249
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmEwNzgxNmIwY2JiMjYxMzZjYmJjZGVkOTYxMjA0ZTAyNDZmODQ0Mg
Request Chain 250
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=476b6201-0612-4200-8acf-07bdc7c9b032
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOL2wTqKc-jlymNFFalDlpU&google_cver=1
Request Chain 252
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCMMFI1-V-L71C&sigv=1&esig=2~49d195908a0cbdbfa92caf8b58151a9632db569e
Request Chain 253
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5fTVn4tEPBUV49yFwfJuwA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8837050713991943263
Request Chain 255
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgEGEgAEXRFMCgAy HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgEGEgAEXRFMCgAy&_test=YgEGEgAEXRFMCgAy
Request Chain 256
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB&dcc=t
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEjeSzzYjxlomw27FrAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Request Chain 260
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646826258
Request Chain 261
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519453469972
Request Chain 262
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f8863e60-15c9-43a8-823f-c2ca9a42107a
Request Chain 263
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 265
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
Request Chain 267
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Request Chain 270
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7921785846982813187
Request Chain 271
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 272
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgEGEjeSzzYjxlomw27FrAAA%261157?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgEGEjeSzzYjxlomw27FrAAA%261157?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 274
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Request Chain 284
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Request Chain 286
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB&dcc=t
Request Chain 287
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644320658&gdpr=1
Request Chain 291
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 302
  • https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=critical%2dentities%2dtargeted%2din%2dsuspected%2dchinese%2dcyber%2dspying_627894%2ehtml HTTP 302
  • https://a.clickcertain.com/px/?c=2455d1796b86efb
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://adx.dable.io/pixel/google?google_gid=CAESEOHoCncaorExh_UMXbE4OXY&google_cver=1
Request Chain 317
  • https://analytics.ad.daum.net/match?d=111&uid=69007821.1644234255980 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
Request Chain 324
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25223f1d0f2a-9691-4c99-b548-1a41d6e7254c%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html HTTP 302
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25223f1d0f2a-9691-4c99-b548-1a41d6e7254c%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tdc=1
Request Chain 327
  • https://a.clickcertain.com/px/ta/?ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=bc0bacfb-6d54-4a4a-9296-0c505d503219
Request Chain 328
  • https://a.clickcertain.com/px/r/?ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253de5ec1b13%25252d8a08%25252d4d76%25252d9f9b%25252dc685d706d5aa%252526anx_uId%25253d%252524UID HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253de5ec1b13%25252d8a08%25252d4d76%25252d9f9b%25252dc685d706d5aa%252526anx_uId%25253d%252524UID&bidder_id=200441&bidder_uuid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&_li_chk=true&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&previous_uuid=075afdcff0c74fbfb593e6fe76d43504 HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253de5ec1b13%252d8a08%252d4d76%252d9f9b%252dc685d706d5aa%2526anx_uId%253d%2524UID&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3de5ec1b13%2d8a08%2d4d76%2d9f9b%2dc685d706d5aa%26anx_uId%3d%24UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3De5ec1b13%2D8a08%2D4d76%2D9f9b%2Dc685d706d5aa%26anx_uId%3D%24UID&google_gid=CAESEEYdPmz88zp6EE5HWZ1GX8k&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&anx_uId=3872572469226267977

330 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
www.ntd.com/
Redirect Chain
  • https://tnews.to/china-cyber-spying-us
  • https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
46 KB
13 KB
Document
General
Full URL
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ad657365ba0a357b3f4447b0025a575fe4bc2224c1a28023718b0b664b0f2340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-type
text/html; charset=UTF-8
x-hw
1644234253.cds253.fr8.hn,1644234253.cds125.fr8.sc,1644234253.dop026.sj3.r,1644234254.cds107.sj3.sc,1644234254.cds107.sj3.p,1644234254.cds125.fr8.p
server
nginx/1.12.2
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-device
desktop
x-cache-status
MISS

Redirect headers

date
Mon, 07 Feb 2022 11:44:13 GMT
content-type
text/html; charset=UTF-8
location
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
x-robots-tag
noindex, nofollow
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by
Pretty Link Pro Developer 3.2.3 http://prettylink.com
x-redirect-by
WordPress
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNgZ37ujsiNZ6K2Nh7FJED9eFh3Z2u3qMoQidR4kagU0xp%2B3SjEpmbnA0FLmVV5%2BX4p85WyrMhZ%2B3oPgMmNYdGJmHb4xCyeGkbjrF%2FUSoKP8AX4V3hGmIdlpoNw0yxrI%2BKJX5obYvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d9c5d6f6a630f7e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/
134 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
394
x-cache
Hit from cloudfront
server
Server
x-amz-rid
06A3KYX49RH1A3N76FBA
date
Mon, 07 Feb 2022 11:37:54 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Bm7yuYnLp59EI0y_tP6b-A3R9aa1R64ZEFqYr1kizQ3TCG0F6vIObA==
prebid.js
www.ntd.com/assets/themes/m-ntd/js/ads/
285 KB
106 KB
Script
General
Full URL
https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 18:58:27 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"5fac3453-47523"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds211.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
108407
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
template.css
subs.youmaker.com/lib/
8 KB
9 KB
Stylesheet
General
Full URL
https://subs.youmaker.com/lib/template.css?ver=20210318
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
via
1.1 google
last-modified
Fri, Feb 04 2022 20:23:59 GMT
server
nginx/1.20.1
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
8659
style.css
www.ntd.com/assets/themes/ntd/
2 KB
979 B
Stylesheet
General
Full URL
https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 15:11:15 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"5c8a6f13-6aa"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds145.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
859
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
global.css
www.ntd.com/assets/themes/ntd/css/
25 KB
7 KB
Stylesheet
General
Full URL
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Nov 2021 15:39:08 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"61a4f41c-63d3"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds098.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
6600
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/
41 KB
26 KB
Stylesheet
General
Full URL
https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 21:24:00 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"6089d270-a2da"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds144.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
26471
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
single.css
www.ntd.com/assets/themes/ntd/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210824
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
454a5dfc464806755d550d689f5202cf1ab09e7011626b601266406568932f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 20:04:55 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"612550e7-3db8"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds280.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
4285
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
LIVE_TV.png
www.ntd.com/assets/themes/ntd/images/
2 KB
2 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/LIVE_TV.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 18:53:29 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"617af1a9-615"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds254.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
1557
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ntd_show_menu_ntd_evening_news.jpg
img.ntd.com/assets/uploads/2021/02/
64 KB
64 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_evening_news.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Tue, 02 Feb 2021 20:05:39 GMT
server
nginx/1.12.2
etag
"6019b093-ffc1"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds238.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
65473
ntd_show_menu_china_in_focus.jpg
img.ntd.com/assets/uploads/2021/02/
79 KB
79 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_china_in_focus.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Tue, 02 Feb 2021 20:05:37 GMT
server
nginx/1.12.2
etag
"6019b091-13ba2"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds289.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
80802
NTD-Business-412x222.jpg
img.ntd.com/assets/uploads/2021/02/
66 KB
66 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/02/NTD-Business-412x222.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Tue, 02 Feb 2021 21:10:04 GMT
server
nginx/1.12.2
etag
"6019bfac-1069e"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds149.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
67230
ntd_show_menu_ntd_news_today.jpg
img.ntd.com/assets/uploads/2021/02/
66 KB
66 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_news_today.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Tue, 02 Feb 2021 20:05:40 GMT
server
nginx/1.12.2
etag
"6019b094-10886"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds248.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
67718
Capitol-Report-412_222.jpg
img.ntd.com/assets/uploads/2021/09/
61 KB
61 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/09/Capitol-Report-412_222.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Sat, 25 Sep 2021 15:44:11 GMT
server
nginx/1.12.2
etag
"614f43cb-f36a"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds156.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
62314
95053e83b9351098938db8f28bdb1ba3.jpg
img.ntd.com/assets/uploads/2022/01/
104 KB
104 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2022/01/95053e83b9351098938db8f28bdb1ba3.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Thu, 27 Jan 2022 03:43:28 GMT
server
nginx/1.12.2
etag
"61f214e0-19f08"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds102.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
106248
Wide-Angle-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/
147 KB
147 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/04/Wide-Angle-NTD-412x222.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Mon, 05 Apr 2021 04:06:40 GMT
server
nginx/1.12.2
etag
"606a8cd0-24c4a"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds013.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150602
NTD-A-Good-Cop-Banner-412x222-v2.jpg
img.ntd.com/assets/uploads/2021/12/
35 KB
35 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/12/NTD-A-Good-Cop-Banner-412x222-v2.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8b622ac31b659e965866e554d239ba5b9e36ba09438ed7703e659c7d58794b57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Sun, 12 Dec 2021 04:21:57 GMT
server
nginx/1.12.2
etag
"61b578e5-8c21"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds221.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35873
The-Beau-Show-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/
146 KB
146 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/04/The-Beau-Show-NTD-412x222.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Mon, 05 Apr 2021 04:06:27 GMT
server
nginx/1.12.2
etag
"606a8cc3-248d6"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds138.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
149718
New-York-City-subway--900x506.jpg
img.ntd.com/assets/uploads/external/2021/06/
80 KB
80 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/external/2021/06/New-York-City-subway--900x506.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
81929796467a0d3d726d15f58cb4ad6cc94ddb5ef140c4c2d149485086aea11b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
last-modified
Tue, 15 Jun 2021 14:42:58 GMT
server
nginx/1.12.2
etag
"60c8bc72-140d3"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds124.fr8.sc,1644234255.cds124.fr8.p
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
82131
white.png
www.ntd.com/assets/themes/ntd/images/
95 B
204 B
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/white.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 15:11:15 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"5c8a6f13-5f"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds127.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
95
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
watch_ntd_on.png
www.ntd.com/assets/themes/ntd/images/
20 KB
20 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/watch_ntd_on.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Nov 2021 22:32:45 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"6192e00d-50f6"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds279.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
20726
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
watch_ntd_row1-2.png
img.ntd.com/assets/uploads/2021/11/
64 KB
64 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row1-2.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Mon, 15 Nov 2021 20:41:36 GMT
server
nginx/1.12.2
etag
"6192c600-fe6b"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds240.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
65131
watch_ntd_row2-2.png
img.ntd.com/assets/uploads/2021/11/
127 KB
128 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row2-2.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
7304a8b44027d55051ff16666fa5d9b371b0aaf7ea5136de52d18f00e40cc6e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Wed, 17 Nov 2021 15:05:18 GMT
server
nginx/1.12.2
etag
"61951a2e-1fd9d"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds003.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
130461
Morocco_Boy_Trapped_2022-2-5_1-e1644096736952-270x152.jpg
img.ntd.com/assets/uploads/2022/02/
20 KB
20 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2022/02/Morocco_Boy_Trapped_2022-2-5_1-e1644096736952-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
82e7e112196b47b736d1ed3560023d20b862c1002b62b091f9db1918499ec431

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Sat, 05 Feb 2022 21:32:17 GMT
server
nginx/1.12.2
etag
"61feece1-4fd9"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds239.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20441
Navy-SEAL-candidates-AP22037799906323-270x152.jpg
img.ntd.com/assets/uploads/2022/02/
19 KB
19 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2022/02/Navy-SEAL-candidates-AP22037799906323-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
45aef68f5facfecb15d4aa6538b7183c7c69d0de79e0d809e3cdcdf3264830ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Sun, 06 Feb 2022 23:23:42 GMT
server
nginx/1.12.2
etag
"6200587e-4c7e"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds257.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19582
ICELAND-270x152.jpg
img.ntd.com/assets/uploads/2022/02/
6 KB
6 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2022/02/ICELAND-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
1c7727afe191ec41c010c4a6c4945d3fd6f842f7b00b958158ea4d008d7db4d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Sat, 05 Feb 2022 19:24:43 GMT
server
nginx/1.12.2
etag
"61fecefb-197c"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds157.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6524
Kids-270x152.jpg
img.ntd.com/assets/uploads/2021/09/
16 KB
16 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/09/Kids-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
a456949cc8478c23d5131d81356621109b0126e348f2ccdf8bfec8da18159390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Wed, 22 Sep 2021 02:26:18 GMT
server
nginx/1.12.2
etag
"614a944a-4054"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds222.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16468
Police-tape-270x152.jpg
img.ntd.com/assets/uploads/2021/07/
12 KB
12 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/07/Police-tape-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
32af3a7a61d88952992e4ec14ff0069f3a267cdc39ccd58d6353987333e24d13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Mon, 19 Jul 2021 15:22:28 GMT
server
nginx/1.12.2
etag
"60f598b4-315f"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds127.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12639
Virus_Outbreak_Canada_Protest-270x152.jpg
img.ntd.com/assets/uploads/2022/02/
15 KB
15 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2022/02/Virus_Outbreak_Canada_Protest-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5097fadb367f2e2d6a99625873680af8e42659a79b6b1d4172714958c72d32f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Mon, 07 Feb 2022 01:02:16 GMT
server
nginx/1.12.2
etag
"62006f98-3d10"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds158.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15632
footer-2_949x356.jpg
img.ntd.com/assets/uploads/2021/02/
349 KB
349 KB
Image
General
Full URL
https://img.ntd.com/assets/uploads/2021/02/footer-2_949x356.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
last-modified
Wed, 03 Feb 2021 22:50:49 GMT
server
nginx/1.12.2
etag
"601b28c9-573d6"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds007.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
357334
jquery-all.min.js
www.ntd.com/assets/themes/ntd/js/
98 KB
40 KB
Script
General
Full URL
https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 15:11:14 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"5c8a6f12-188ff"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds054.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
40721
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
bottom.js
www.ntd.com/assets/themes/ntd/js/
39 KB
13 KB
Script
General
Full URL
https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220103
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f94c55b68b702413e7fd7da527f6a082cf06bedf7e6e6a429bff580f741a781e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Jan 2022 21:26:55 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"61d4bb9f-9d26"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds270.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
12985
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
api.bundle.js
subs.youmaker.com/lib/
240 KB
240 KB
Script
General
Full URL
https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
8470e402e199aa8900f6790a3f009342fa473487270699025d9ffc03eb681a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
via
1.1 google
last-modified
Fri, Feb 04 2022 20:23:34 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
245558
article_ads.js
www.ntd.com/assets/themes/ntd/js/
31 KB
9 KB
Script
General
Full URL
https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Oct 2021 19:10:24 GMT
server
nginx/1.12.2
etag
W/"617069a0-7c65"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds292.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
8981
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
print.css
www.ntd.com/assets/themes/ntd/css/
532 B
439 B
Stylesheet
General
Full URL
https://www.ntd.com/assets/themes/ntd/css/print.css?ver=20200706
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 18:35:54 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"5f036f0a-214"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds245.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
320
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
24025
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 07 Feb 2022 05:03:50 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
8g6-aH7e0vemp_UBBugVylR7GscFn9j_VmrKIzX6i9kBfSrwFCbxRw==
gtm.js
www.googletagmanager.com/
81 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a8a636a11159f8a3c94c13ebdc4cbbb88bd50eeb382c06347a2e68ecdf8c825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32077
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Feb 2022 11:44:14 GMT
NTDLogo.svg
www.ntd.com/assets/themes/ntd/images/
660 B
550 B
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/NTDLogo.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 15:31:27 GMT
server
nginx/1.12.2
etag
"618e88cf-294"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds263.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
428
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
header-handshake.png
www.ntd.com/assets/themes/ntd/images/
2 KB
2 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/header-handshake.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 20:32:31 GMT
server
nginx/1.12.2
etag
"606f685f-61d"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds250.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
1565
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ENTD_Play.svg
www.ntd.com/assets/themes/ntd/images/
2 KB
1 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/ENTD_Play.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-7e6"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds016.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
938
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
NTD_logo.png
www.ntd.com/assets/themes/ntd/images/
4 KB
4 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 19:44:39 GMT
server
nginx/1.12.2
etag
"5ed94f27-f46"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds214.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
3910
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
footer-app-logo.png
www.ntd.com/assets/themes/ntd/images/
73 KB
73 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/footer-app-logo.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 20:32:35 GMT
server
nginx/1.12.2
etag
"606f6863-122fe"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds219.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
74494
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Medium.otf
www.ntd.com/assets/themes/ntd/fonts/
118 KB
119 KB
Font
General
Full URL
https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Medium.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin
https://www.ntd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-1d9d8"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds012.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
121304
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Bold.otf
www.ntd.com/assets/themes/ntd/fonts/
122 KB
122 KB
Font
General
Full URL
https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Bold.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin
https://www.ntd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-1e6ec"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds211.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
124652
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:15:48 GMT
x-content-type-options
nosniff
age
476906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 23:15:48 GMT
RingsideCondensed-Semibold.otf
www.ntd.com/assets/themes/ntd/fonts/
123 KB
123 KB
Font
General
Full URL
https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin
https://www.ntd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-1eb2c"
x-hw
1644234254.cds253.fr8.hn,1644234254.cds232.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
125740
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin
https://www.ntd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5962
date
Mon, 07 Feb 2022 10:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Feb 2022 12:04:52 GMT
uwt.js
static.ads-twitter.com/
14 KB
6 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 00:44:37 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000088-IAD, cache-hhn11524-HHN
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 04:14:43 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
26972
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
jvnNJ9_rEqWwZS_xshKii3JvcjKxCpCXfm815VOcFvyOEPRJrLYURQ==
collect
www.google-analytics.com/j/
4 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=880469812&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&dp=%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ul=en-us&de=UTF-8&dt=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1936446295&gjid=1568664116&cid=1209118702.1644234255&tid=UA-128455718-1&_gid=1711601172.1644234255&_r=1&_slc=1&cd1=10&cd2=123&cd3=%3Bchina-10%3Belection-integrity-36899%3Binternational-19679%3Bny-13616%3Bnews-8%3Bpolitics-5990%3Bus-9%3Bworld-11%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd5=%3Bchina-10%3Belection-integrity-36899%3Binternational-19679%3Bny-13616%3Bnews-8%3Bpolitics-5990%3Bus-9%3Bworld-11%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd21=627894&cd22=ntd_ap&cd23=The%20Associated%20Press&cd26=China&cd28=%3BChina%3BElection%20Integrity%3BInternational%3BNew%20York%3BNews%3BPolitics%3BUS%3BWorld%3B&cd29=%3Bhackers%3Binternet%20security%3Btelecommunications%3B&cd30=20210615&cd31=20210615&cd33=1041&cd38=123&cd42=%3Bhackers%3Binternet-security%3Btelecommunications%3B&cd43=post&z=1912481160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/
43 B
338 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=b4314d6a-fd6e-4084-9e5f-fd5c8fe459d1&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
109
date
Mon, 07 Feb 2022 11:44:14 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
63cce8f4b0ff4be82df0352cd1bde18d8f2ac6fb5608b32732be986a793ae884
content-length
43
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1644234255039&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1644234255039&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com...
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1644234255039&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
_wdUYdKdu7A_gc7VQ5snn7grzmdL-gLq9u3zS2S9vRqqXwsGmIGOcg==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1644234255039&ns_c=UTF-8&cv=3.5&c8=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&c7=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&c9=
content-length
298
x-amz-cf-id
rlEIJrakmSV3u1qMMfbZZ_PgsZeZxBnDFHDZn5EOLMHxkBT8q6TJFg==
collect
stats.g.doubleclick.net/j/
4 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128455718-1&cid=1209118702.1644234255&jid=1936446295&gjid=1568664116&_gid=1711601172.1644234255&_u=YEBAAEAAAAAAAC~&z=1267557067
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 11:44:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=1209118702.1644234255&jid=1936446295&_u=YEBAAEAAAAAAAC~&z=1118002088
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=1209118702.1644234255&jid=1936446295&_u=YEBAAEAAAAAAAC~&z=1118002088
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chargebee.js
js.chargebee.com/v2/
149 KB
45 KB
Script
General
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cc3f35106b58879608b2eee4905c8a037005ba9c0b12bcd6ac2810e155f81e8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
erz.SBmtYdT4WJAfCgyYRqKah1Vqq7Dm
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 06:06:09 GMT
server
AmazonS3
age
116
etag
W/"8edc7e256f9df0122ff6732064f4e7e4"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 07 Feb 2022 11:42:29 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
942-FtI7HjEKj8Vpp5s3BbI-ffy_9ORDNyJnQQUwbKmJKG6Sh8CERA==
geo
subs.youmaker.com/rules/
88 B
149 B
XHR
General
Full URL
https://subs.youmaker.com/rules/geo?siteid=&uid=39230f66-6d89-49bb-9ec0-cb7ccfb3d419
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
clear
content-length
88
bidexchange.js
hbx.media.net/
472 KB
103 KB
Script
General
Full URL
https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5042595a2d2c9196cfbcc9f9e3611954ae63f057b716cfa21c5236e93ae0c31c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 07 Feb 2022 11:44:15 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Mon, 07 Feb 2022 12:14:15 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
305 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:33:15 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
age
659
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.ntd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
hfL6z7cpz0BegDq1Qnxt9msmchpo_3sOMMO4rG--V2JTs0Mct_x4sw==
geo
subs.youmaker.com/rules/
88 B
352 B
XHR
General
Full URL
https://subs.youmaker.com/rules/geo?siteid=www.ntd.com
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b

Request headers

Accept
*/*
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
clear
content-length
88
count
sc.youmaker.com/site/article/
139 B
259 B
XHR
General
Full URL
https://sc.youmaker.com/site/article/count?site=www.ntd.com&user=5e2922d8-49bf-aa7a-1dba-b5a4c084f372&postid=627894
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
d851e97738ee9708f3fa4e8ab502d22397b4fd26c479b70dc9026a864fc5dde2

Request headers

Accept
*/*
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
clear
content-length
139
content-type
application/json;charset=UTF-8
nest_newsletter_cif.jpg
www.ntd.com/assets/themes/ntd/images/
120 KB
120 KB
Image
General
Full URL
https://www.ntd.com/assets/themes/ntd/images/nest_newsletter_cif.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20210824
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 31 Aug 2021 14:03:31 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"612e36b3-1de33"
x-hw
1644234255.cds253.fr8.hn,1644234255.cds205.fr8.c
content-type
image/jpeg
cache-control
max-age=315360000
content-length
122419
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/
884 B
606 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220103
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ef43faf66864fd2b60c15b7b0d27e7592f552fba98c1d36d94f25290c8306f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Mon, 07 Feb 2022 11:44:15 GMT
adsct
analytics.twitter.com/i/
31 B
459 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=b4314d6a-fd6e-4084-9e5f-fd5c8fe459d1&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
118
date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
dbc997f8fe2da81d823105a4205dfb0e6fc8cf3697cdf1c0273e959ae3732390
content-type
application/javascript;charset=utf-8
content-length
57
plugin.min.js
static.dable.io/dist/
107 KB
34 KB
Script
General
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
LnUEiQicLR0PB_19rEBkqllnYGNw9feA
Content-Encoding
gzip
Last-Modified
Wed, 17 Nov 2021 07:32:04 GMT
Server
Apache
x-amz-request-id
ENYC27HPRJAQNJ7A
ETag
"8149da179cc4858e221e9c80dc7ccd6c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=78011
Date
Mon, 07 Feb 2022 11:44:15 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33936
x-amz-id-2
Ai18JKIkcI4tcAVy/8HMX8J3+hqyHec7CrgMrZtpvg3yyVSUV0xfs8ker2NB9R4+JO7C14FuZO8=
0-d0d07a1ccb393c1835b4.js
js.chargebee.com/v2/
55 KB
17 KB
Script
General
Full URL
https://js.chargebee.com/v2/0-d0d07a1ccb393c1835b4.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
20w2SlxdJFoLpn7L1pVhJJ.nizdlR6mu
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 24 Jan 2022 11:09:21 GMT
server
AmazonS3
age
298
etag
W/"c4630576340873667c3aab4a9a1de919"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 07 Feb 2022 11:39:17 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
Y5-dCkl1Zf-bDdd1pu0ATqbIBsu-XGC3-sjB6iguh9iwJgvbAGOhZw==
60-3993ccd28efa273fe99c.js
js.chargebee.com/v2/
16 KB
5 KB
Script
General
Full URL
https://js.chargebee.com/v2/60-3993ccd28efa273fe99c.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc7898fa6a43df915b8a9a65e1661b22556fd817fdfd6c5ad3e4f8f574291ea1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
oboligw7emWKrb4qAfRCWc4eNQAK2Spe
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 01 Feb 2022 06:06:09 GMT
server
AmazonS3
age
116
etag
W/"34efa740ed241c2bebdd75784df31e2c"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Mon, 07 Feb 2022 11:42:20 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
b0Ci1npl6PYPUws6_DGBueGvio-cn94IHuyQPT-dMB78oXtmZYCQ1g==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/
356 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 11:43:16 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7275
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5e065314dbd2465ec4f03c74a0ff6e9f7b424c47dd445a987379aeab6f935159
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nI4yeXPtIOn31X2OqPtHig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 07 Feb 2022 11:44:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-nI4yeXPtIOn31X2OqPtHig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20798
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
embed.js
comment.youmaker.com/web/
7 KB
8 KB
Script
General
Full URL
https://comment.youmaker.com/web/embed.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
20b33eb0d3404a30fd13269c9b6b3cb6a1a91668a4e284dd9e1b3ec78ca7d479

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
7611
app-version
0.1.2
counter.js
comment.youmaker.com/web/
2 KB
2 KB
Script
General
Full URL
https://comment.youmaker.com/web/counter.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
13160f1ceb7467feed0eb33c0b4d0862d3a6b7150826c0123a56ee7bb314439e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
2305
app-version
0.1.2
get
subs.youmaker.com/template/
165 B
230 B
XHR
General
Full URL
https://subs.youmaker.com/template/get?tid=signin&sid=www.ntd.com&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=39230f66-6d89-49bb-9ec0-cb7ccfb3d419
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
clear
content-length
165
get
subs.youmaker.com/rules/
14 KB
14 KB
XHR
General
Full URL
https://subs.youmaker.com/rules/get?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=39230f66-6d89-49bb-9ec0-cb7ccfb3d419
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
alt-svc
clear
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
prefs2
api.dable.io/plugin/services/ntd.com/
495 B
741 B
Script
General
Full URL
https://api.dable.io/plugin/services/ntd.com/prefs2?cached_uid=&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
4a8f8569f636a4bfd59514235cf7de1ce2c0e9c21552fa82910fa901f903d619
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.0
etag
W/"1ef-qcSjWWe51a+m9abQTxI5+jCMJT8"
content-type
text/javascript; charset=utf-8
sync
gum.criteo.com/
53 B
376 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=1&gdpr_consent=&us_privacy=&gdpr_pd=0
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:14 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1969
strict-transport-security
max-age=31536000; preload;
content-length
169
expires
60
tcb.js
contextual.media.net/
51 KB
8 KB
Script
General
Full URL
https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x250%7CT31K017_300x600%7CT31K017_320x100%7CT31K017_728x90&v=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1b5b92a27b72c199eae1c4aec2166e846b066cb00a78928b3462691e1a5cd90
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 07 Feb 2022 11:44:15 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=172800
content-length
7818
expires
Wed, 09 Feb 2022 11:44:15 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 7275
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 11:14:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 7275
356 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 11:43:16 GMT
rtbsspub
xch.media.net/AdExchange/
79 KB
5 KB
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=95014237160644621644234255431&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=154127862*175%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*178%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*201%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*203%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*214%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*222%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40154127862*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40154127862*251%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40219315283*175%7C300x250%7C8CUBNN02K%7C219315283_8CUBNN02K%7C%7C%7C1%40219315283*178%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*201%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*203%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*214%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*222%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40219315283*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40219315283*251%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40361572443*175%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*178%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*201%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*203%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*214%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*222%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40361572443*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40361572443*251%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40432445934*175%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*178%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*201%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*203%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*214%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*222%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40432445934*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40432445934*251%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40457067574*175%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*178%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*201%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*203%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*214%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*222%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40457067574*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40457067574*251%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40822340472*175%7C300x250%7C8CUBNN02K%7C822340472_8CUBNN02K%7C%7C%7C1%40822340472*178%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*201%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*203%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*214%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*222%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40822340472*229%7C300x250%7C8CU734595%7C375117874%7C%7C%7C1%40822340472*251%7C320x100~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40833186455*175%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*178%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.3653524156625947&tscode=1&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
412d646ba3b0ee994bef05d1b0f59ac451bb000c57ef43512a58017757ca30cd

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/
38 KB
3 KB
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=96921203391043161644234255433&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=833186455*201%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*203%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*214%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*222%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40833186455*229%7C336x280~300x250%7C8CU734595%7C815568811~375117874%7C%7C%7C1%40833186455*251%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40839126647*175%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*178%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*201%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*203%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*214%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*222%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40839126647*229%7C336x280~300x250~300x600%7C8CU734595%7C815568811~375117874~277543751%7C%7C%7C1%40839126647*251%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40895788568*175%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*178%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*201%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*203%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*214%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*222%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1%40895788568*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40895788568*251%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.501619239723154&tscode=1&crid=833186455%2C839126647%2C895788568&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a66b1f3d4520e0e4f2ebc3d174dc671ba39a8804be3e424b4ac20190da04188f

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
show
subs.youmaker.com/template/ Frame A5A0
4 KB
4 KB
Document
General
Full URL
https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

server
nginx/1.20.1
date
Mon, 07 Feb 2022 11:44:15 GMT
content-type
text/html; charset=utf-8
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
auth
subs.youmaker.com/subs/
69 B
133 B
XHR
General
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=2200&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=39230f66-6d89-49bb-9ec0-cb7ccfb3d419
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
clear
content-length
69
auth
subs.youmaker.com/subs/ Frame
0
0
Preflight
General
Full URL
https://subs.youmaker.com/subs/auth?subscribed=&nid=2200&siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&uid=39230f66-6d89-49bb-9ec0-cb7ccfb3d419
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.ntd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 07 Feb 2022 11:44:15 GMT
content-length
0
allow
GET, POST, PUT, DELETE
access-control-allow-origin
https://www.ntd.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
via
1.1 google
alt-svc
clear
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7275
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
492267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 08 Feb 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7275
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
519970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7275
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
492267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7275
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=m1yi4jxowwui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 07 Feb 2022 11:44:15 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70385f98221f89859dbfe0cc01afa83c0391fcfb7abd14d78bef1027155d7b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27248
x-xss-protection
0
server
sffe
etag
"1124 / 438 of 1000 / last-modified: 1644233481"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Feb 2022 11:44:15 GMT
counts
comment.youmaker.com/api/v1/
186 B
287 B
XHR
General
Full URL
https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
e0db7a8f644f3f6e06af34dfeb3b95643ef01c3f518ea7747880666d74ec0157

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
vary
Origin
alt-svc
clear
content-length
186
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ntd.com
expires
Thu, 01 Jan 1970 00:00:00 UTC
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
counts
comment.youmaker.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.ntd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.20.1
date
Mon, 07 Feb 2022 11:44:15 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.ntd.com
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
iframe.html
comment.youmaker.com/web/ Frame 6833
4 KB
4 KB
Document
General
Full URL
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
2e7af9d06c2f1d015d55605ba6c6e4bf8cfa39ea69f1ccbef54c271cc2bdda06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

server
nginx/1.20.1
date
Mon, 07 Feb 2022 11:44:15 GMT
content-type
text/html; charset=utf-8
content-length
4155
accept-ranges
bytes
app-name
remark
app-version
0.1.2
author
EMG
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
x-robots-tag
noindex
via
1.1 google
alt-svc
clear
rtbsspub
xch.media.net/AdExchange/
15 KB
1 KB
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=49577682157453721644234255596&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=154127862*97%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%7C%7C%7C1%40219315283*97%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%7C%7C%7C1%40361572443*97%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%7C%7C%7C1%40432445934*97%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%7C%7C%7C1%40457067574*97%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%7C%7C%7C1%40822340472*97%7C320x100~300x250~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%7C%7C%7C1%40833186455*97%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%7C%7C%7C1%40839126647*97%7C300x600~300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%7C%7C%7C1%40895788568*97%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.19287851474217255&tscode=1&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455%2C839126647%2C895788568&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
ffd47fa40f9ce5e79231fa360173251e30ba92a9008a7ecd7c1a507aac4194f3

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
userId.bundle.js
subs.youmaker.com/lib/ Frame A5A0
200 KB
200 KB
Script
General
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tn=ENTD%20-%20signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
last-modified
Fri, Feb 04 2022 20:23:59 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
204540
pubads_impl_2022020101.js
securepubads.g.doubleclick.net/gpt/
351 KB
120 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:43:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121756
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:38:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Feb 2023 11:43:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
58 B
702 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ntd.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3924908b6d97a6b9437e034070df379b5c9b467294593ceb60f318bbf7cdd0a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66
x-xss-protection
0
expires
Mon, 07 Feb 2022 11:44:15 GMT
95162.js
mixi.media/data/js/
5 KB
3 KB
Script
General
Full URL
https://mixi.media/data/js/95162.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220103
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
3e7c7f44f352412dfe410ed062512b6afa9be455a986e0f403c37eae98035eb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Last-Modified
Monday, 07-Feb-2022 11:44:15 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
bid
c.amazon-adsystem.com/e/dtb/
23 B
487 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=vPw82dMhXSjok&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22article_top_ads_inner%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
4NK2A9A31M2KJ8A1Y4XA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
lZTm9g51BilbvEwaQ4asn4Y5rgZnQM5i85nx189sW3JuCRylM9omKg==
cookie_sync
prebid.adnxs.com/pbs/v1/
1 KB
901 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
42fd4ebe7b47c3c1d511651a1736dfe2e11feade6289bf08bae08d20ef020d1d

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/
271 B
666 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
293f6aea889315c3ac6dd127772caa290e726dc27efefcba10b64404794645db

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Prebid
pbs-go/0.194.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=7422d846-587e-44cf-bb35-5e98a0989581&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5737827454836177
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0380a6cf718d40d01a3debff69dd0f25a3a1b52405d18d1e9c2797c3ee992005

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/
2 B
326 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=32032&pi=3&bf=970x250%2C970x90%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=9421
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.144.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-144-172.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
cygnus
htlb.casalemedia.com/
37 B
328 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=360717&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213dedd27f9d0c3c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214224b580d461fd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221543f3e97ecbd19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22165cb1347a136b8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
531037e7efad83472ad4834ca7d98bab1c30811387dac7057704bfbefa1d1dd8

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.44], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ntd.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 07 Feb 2022 11:44:15 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_728x90&cmd=bid&secure=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b5eb9e6f6480c3e8e905dda2fd406dbe4b9675fe72a810a1d6f060ff1c458b3e

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
content-length
62
v1
dmx.districtm.io/b/
0
35 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
cf-ray
6d9c5d82b9205b3e-FRA
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
66bff685c5ac329bd9768d834ded3c86fae15554121d71107c1a9f6dd3aab013
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
26d65283-4c2a-42c6-8142-c9483ae59941
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
488 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=vPw82dMhXSjok&cb=1&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22first_in_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
5TZJ1JQRW2V672W2W61T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
4BDqtQyeBhOEibXSXxwxSxcFKOTr2ihbhiIRvpZcYiEVAehfYSx4gQ==
auction
prebid.adnxs.com/pbs/v1/openrtb2/
273 B
664 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
796cce50bea3a8e6ee1b158a9da215b343f40971b73e32a3b78ccdd1586fe407

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Prebid
pbs-go/0.194.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
ea67c45533f8704925d64b675a3794cb9ac2d620e7ee3519e50b4be24fbbe9c7

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/
37 B
328 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=360718&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2233aff44bbaff896%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2234954dcbba6c8dc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223537fbf81a84cac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3096cb32b815f75b5cb141ef42f728dab651a7f3c8651cfab1197b58af5eb7a3

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.44], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ntd.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 07 Feb 2022 11:44:15 GMT
imp
g2.gumgum.com/hbid/
2 B
325 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=9421
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.144.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-144-172.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=bf0e84d5-dd50-47be-9ffb-8e16251b17b3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.23635333368094447
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
95e205cee7c177e1f03ee46669ec7dc321f65911ca62b5e7adcb56f2fbd01f5e

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
139 B
812 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
da8976f9ac374141f41467d237ed94f996068f2585aa9aa60c65fa0a8bfa5258
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
844ed59e-a905-479b-96b6-816fa64bb7f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/
0
281 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
cf-ray
6d9c5d82b9225b3e-FRA
access-control-allow-headers
Content-Type, Origin
bid
c.amazon-adsystem.com/e/dtb/
23 B
489 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=vPw82dMhXSjok&cb=2&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
YA4H7XHECD6S08RXS3BB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
rDE_AzZUJzwcbyJQcSuNS6FsT2neQ6aJ61wKtBlUkrq4vzm7p7nDFw==
auction
prebid.adnxs.com/pbs/v1/openrtb2/
271 B
662 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
e5c84306a20595cebdff3ea7a585d9a3541aa3c5c6be2aba085adfda3ce94008

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Prebid
pbs-go/0.194.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
v1
dmx.districtm.io/b/
0
36 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
cf-ray
6d9c5d82b9245b3e-FRA
access-control-allow-headers
Content-Type, Origin
cygnus
htlb.casalemedia.com/
37 B
328 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225443fea5ef0f179%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255781210260eda9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225643f8c4f028d9a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
698cfa225a7014d76ce2a7421b817930a90ad52644b2b99c45b2a4ae5031ce71

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.44], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ntd.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 07 Feb 2022 11:44:15 GMT
imp
g2.gumgum.com/hbid/
2 B
325 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C336x280&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=9421
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.144.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-144-172.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
bidRequest
c2shb.ssp.yahoo.com/
62 B
289 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
152c06e339a025554dfe945af5493c7f5fdc1216e18676f1eff31f9186b16c41

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
60a78808ae669ae826595c348c5c5efa5f014270c0493a16a69fcc9f1bb42af5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a04dc105-efd1-4fb9-9a2e-4a7be0a01b4a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=b13a0a98-383f-43fb-8a52-046d77d80cfe&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.562100893478694
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
745f201ee42ee6da4a8f1d7ada0038bc34fb8fbfda4253646927b1c7063f35d7

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
489 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=vPw82dMhXSjok&cb=3&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22right_column_ad_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:20 GMT
via
1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
T41RWPB2YDR4FTYN4CDN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
9uiUIcL89jgUhBMibXEAXwS_HsRWYh8qTqDACEgndFtsliH8q4doYA==
auction
prebid.adnxs.com/pbs/v1/openrtb2/
271 B
668 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Southall, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
886b967e4cf2b3fe8cbaacdb09cfcc77322ac16523adb971c1fef623f25d29c0

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Server
nginx/1.19.0
X-Prebid
pbs-go/0.194.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d4017373968c709b89ef5d02ee&pos=ntdcom_desktop_web_300x250&cmd=bid&secure=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4bd02b94a55550e833f076c27194f78a57ada33f4ad7a59fb374a4187e578c3d

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/
261 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=5468315c-566b-4249-8c25-bb463891d721&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8170368412532454
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ba9b9c688a1e322afebe9cf3fca3552e1c55eb7dfebe21425165f582eabb6c6a

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
dmx.districtm.io/b/
0
36 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
cf-ray
6d9c5d82b9255b3e-FRA
access-control-allow-headers
Content-Type, Origin
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3ed442f7d271bdc1d8c1d26178c019e596adfb4e7314187e2c6f066ee53ec19a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:15 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2cdcc5c7-ba44-4518-a17e-8a1b959e51be
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
g2.gumgum.com/hbid/
2 B
325 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=32030&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.15.0%22%7D&ogu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ns=9421
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.144.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-144-172.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
cygnus
htlb.casalemedia.com/
37 B
328 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=360722&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22832160d779d9745%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22848a53f5fa6f7ff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2285931d02705cea9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4149ef1ef6f657a719b2617bc5c6a382f79b0286a7ed024299ab99227420efae

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.44], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.ntd.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Mon, 07 Feb 2022 11:44:15 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
402 B
245 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3655452946979809&correlator=3065812546569998&output=ldjh&impl=fifs&eid=31064719&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=5965368%2Cntd.tv_inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=ENTD_category%3Dchina-10%252Celection-integrity-36899%252Cinternational-19679%252Cny-13616%252Cnews-8%252Cpolitics-5990%252Cus-9%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&dt=1644234255812&lmt=1644234255&dlt=1644234254623&idt=1109&frm=20&biw=1600&bih=1200&oid=2&adxs=290&adys=4140&adks=1600640090&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&vis=1&scr_x=0&scr_y=0&psz=767x3707&msz=647x0&ga_vid=1209118702.1644234255&ga_sid=1644234256&ga_hid=880469812&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
923437ddf3b7fcea8bad61d253608c8407bdc14a9f1fc68f778c14f521cd94f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b8cfce07ceebccf136880fa713960b80.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F2FB
6 KB
4 KB
Document
General
Full URL
https://b8cfce07ceebccf136880fa713960b80.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Feb 2022 11:44:15 GMT
expires
Tue, 07 Feb 2023 11:44:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
remark.css
comment.youmaker.com/web/ Frame 6833
82 KB
82 KB
Stylesheet
General
Full URL
https://comment.youmaker.com/web/remark.css?v=2022012111
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0eaa98d99ffd85f27787798b06fb8b7b62a5c25710e7dc3868fcf893044110d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
84183
app-version
0.1.2
remark.js
comment.youmaker.com/web/ Frame 6833
314 KB
315 KB
Script
General
Full URL
https://comment.youmaker.com/web/remark.js?v=2022012111
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5a4c618ffded08a9f7158c3feb92caf7ab70bc26a6bc2daecdffc2b62bd989eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
via
1.1 google
last-modified
Fri, 21 Jan 2022 16:22:36 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
clear
content-length
321564
app-version
0.1.2
current
prebid-match.dotomi.com/match/bounce/
0
104 B
Image
General
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
jsapi.v5.8.0.en_US.js
static.mixi.media/static/jsapi/
250 KB
75 KB
Script
General
Full URL
https://static.mixi.media/static/jsapi/jsapi.v5.8.0.en_US.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
2b8fe2700dd46b01fb40571c333cb21e7c7a576e556b86709445a5d1d77c0dc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 10:46:07 GMT
Server
nginx
ETag
W/"61fbb26f-3e9ad"
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/
77 KB
28 KB
Script
General
Full URL
https://stat.media/sm.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.67 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir13.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/
6 KB
6 KB
Image
General
Full URL
https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:15 GMT
Last-Modified
Mon, 30 Sep 2019 14:11:01 GMT
Server
nginx
ETag
"5d920cf5-1849"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6217
/
target.mixi.media/init/
95 B
463 B
Image
General
Full URL
https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=2565828264058
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Target-Version
2
Date
Mon, 07 Feb 2022 11:44:15 GMT
X-Target-Final
20220207144415-0
Server
nginx
X-Target-Host
target2-1.ssel25
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00042
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Mon, 07 Feb 2022 11:44:14 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B5C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=104073
expires
Tue, 08 Feb 2022 16:38:49 GMT
date
Mon, 07 Feb 2022 11:44:16 GMT
vary
Accept-Encoding
rtbsspub
xch.media.net/AdExchange/
15 KB
2 KB
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=27555831071051021644234255961&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=812916687*175%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*178%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*201%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*203%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*214%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1%40812916687*222%7C728x90~970x90%7C8CUBNN02K%7C812916687~812916687%7C%7C%7C1%40812916687*229%7C970x250~728x90%7C8CU734595%7C247181456~182703547%7C%7C%7C1%40812916687*251%7C970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.8337759180067137&tscode=1&crid=812916687&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22812916687%22%3A%7B%22supply_tag_id%22%3A%22article_top_ads_inner%22%2C%22xps%22%3A800%2C%22yps%22%3A135%7D%7D&encryptionVersion=0.0
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f674ed5954b8252a6bf1f981be7b0ce88437e032d19781418034dddd809cc531

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/
2 KB
965 B
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=74237257108687211644234255968&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=812916687*97%7C728x90~970x250~970x90%7C8CUBNN02K%7C812916687_8CUBNN02K~812916687_8CUBNN02K~812916687_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.5092323876875611&tscode=1&crid=812916687&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22812916687%22%3A%7B%22supply_tag_id%22%3A%22article_top_ads_inner%22%2C%22xps%22%3A800%2C%22yps%22%3A135%7D%7D&encryptionVersion=0.0
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
30af84a5bfec24b73596e78d878cb6ad3da8e439ed2d685e6c5295e916dd1a9a

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
jsapi
mixi.media/newdata/
8 KB
3 KB
XHR
General
Full URL
https://mixi.media/newdata/jsapi?action=news
Requested by
Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.8.0.en_US.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
cde25c459bc5c4263e9646091fd5d4498f2f3a469a72154d8754da5a0752679b

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:16 GMT
Content-Encoding
gzip
Last-Modified
Monday, 07-Feb-2022 11:44:16 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Node
ads5-3ssel30
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
19 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3655452946979809&correlator=3065812546569998&output=ldjh&impl=fifs&eid=31064719&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2%26mnetPageID%3D10%26mnetCC%3DDE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUBNN02K%26hb_abt%3Dhb%26mnetDNB%3D1&eri=1&cust_params=ENTD_category%3Dchina-10%252Celection-integrity-36899%252Cinternational-19679%252Cny-13616%252Cnews-8%252Cpolitics-5990%252Cus-9%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie=ID%3D8efcf3f54232ee53%3AT%3D1644234255%3AS%3DALNI_MY-shJ-fqPY_BnOu06fDw2nHCVLrg&bc=31&abxe=1&dt=1644234256016&lmt=1644234256&dlt=1644234254623&idt=1109&frm=20&biw=1600&bih=1200&oid=2&adxs=200&adys=135&adks=1030851624&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&vis=1&scr_x=0&scr_y=0&psz=1200x0&msz=1200x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1209118702.1644234255&ga_sid=1644234256&ga_hid=880469812&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8c087acd7cd5e1f1141c4e0c7ff98270a46139ea2f49dd34e836fa966fc548d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8831
x-xss-protection
0
google-lineitem-id
5900320489
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138379156719
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8B5C
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31451013&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:15 GMT
content-length
0
config
comment.youmaker.com/api/v1/ Frame 6833
283 B
471 B
Fetch
General
Full URL
https://comment.youmaker.com/api/v1/config?site=www.ntd.com
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id
www.ntd.com

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
283
expires
Thu, 01 Jan 1970 00:00:00 UTC
9845512.jpeg
static4.mixi.media/img/400x300/
52 KB
52 KB
Image
General
Full URL
https://static4.mixi.media/img/400x300/9845512.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
d3114771bd5812addc4f5c3a0a87dfe4fbe46a1c3e31db10efd2c870b9bee84c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Sat, 29 Jan 2022 23:31:00 GMT
Server
nginx
ETag
W/"61f5ce34-2fa32"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53293
Expires
Mon, 29 Jan 2024 23:33:13 GMT
9696736.jpeg
static7.mixi.media/img/400x300/
39 KB
39 KB
Image
General
Full URL
https://static7.mixi.media/img/400x300/9696736.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
802f47a6ea21a6e981659bcfaeac8c1c15ecb20c8309f371af15014aa03484e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Mon, 13 Dec 2021 04:35:57 GMT
Server
nginx
ETag
W/"61b6cdad-21522"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40005
Expires
Wed, 13 Dec 2023 04:37:00 GMT
9814280.jpeg
static4.mixi.media/img/400x300/
41 KB
42 KB
Image
General
Full URL
https://static4.mixi.media/img/400x300/9814280.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
9c08144ee62cd26891dec178bf9666e47b0a49c5eaea2bd034ab9cef63a4ecc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Wed, 19 Jan 2022 23:54:08 GMT
Server
nginx
ETag
W/"61e8a4a0-e276"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42448
Expires
Fri, 19 Jan 2024 23:55:57 GMT
9773116.jpeg
static8.mixi.media/img/400x300/
35 KB
35 KB
Image
General
Full URL
https://static8.mixi.media/img/400x300/9773116.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
643b4013da9a0054325e343c214811faac727760a2c68f4f8472afb4ea5c9456

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Thu, 06 Jan 2022 16:30:03 GMT
Server
nginx
ETag
W/"61d7190b-6b436"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35475
Expires
Sat, 06 Jan 2024 16:30:53 GMT
9866451.jpeg
static4.mixi.media/img/400x300/
30 KB
30 KB
Image
General
Full URL
https://static4.mixi.media/img/400x300/9866451.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
ca90156622aa2af348b092e80521b641f617915db86e5593b922d80964fe5678

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Fri, 04 Feb 2022 23:45:08 GMT
Server
nginx
ETag
W/"61fdba84-f107"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30863
Expires
Sun, 04 Feb 2024 23:46:35 GMT
9862708.jpeg
static7.mixi.media/img/400x300/
34 KB
35 KB
Image
General
Full URL
https://static7.mixi.media/img/400x300/9862708.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
7a9574f0a20712b7afcd8a0e9c93cab58d203bdb074d20d0e536f8271203628a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Thu, 03 Feb 2022 21:30:25 GMT
Server
nginx
ETag
W/"61fc4971-8efc"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35270
Expires
Sat, 03 Feb 2024 21:31:17 GMT
view
api.dable.io/logs/services/ntd.com/users/69007821.1644234255980/
54 B
201 B
Script
General
Full URL
https://api.dable.io/logs/services/ntd.com/users/69007821.1644234255980/view?url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=627894&items%5B0%5D%5Bc1%5D=China&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&cid=69007821.1644234255980&z=109626&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.0
content-type
text/javascript; charset=utf-8
view
r-log.dable.io/s/ntd.com/u/69007821.1644234255980/
54 B
199 B
Script
General
Full URL
https://r-log.dable.io/s/ntd.com/u/69007821.1644234255980/view?url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=627894&items%5B0%5D%5Bc1%5D=China&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&cid=69007821.1644234255980&z=109626&callback=dbljson3
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.79.156.248 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 11:44:16 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
content-length
54
content-type
text/javascript; charset=utf-8
69007821.1644234255980
api.dable.io/widgets/id/Ql9OO5o4/users/ Frame AA70
37 KB
6 KB
Document
General
Full URL
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
0d0d4b7aa8961f20fa4556054ded140086424a580511130f5283193d6b2a5d58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

date
Mon, 07 Feb 2022 11:44:16 GMT
content-type
text/html; charset=utf-8
server
nginx/1.20.0
content-encoding
gzip
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=69007821.1644234255980
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
0
493 B
Image
General
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Server
121.53.104.194 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:17 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain;charset=UTF-8
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
0
google
adx.dable.io/pixel/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://adx.dable.io/pixel/google?google_gid=CAESEDWSdnbr6jw5ELLlURB9HvQ&google_cver=1
35 B
207 B
Image
General
Full URL
https://adx.dable.io/pixel/google?google_gid=CAESEDWSdnbr6jw5ELLlURB9HvQ&google_cver=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Server
3.39.1.125 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-39-1-125.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:16 GMT
server
nginx
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adx.dable.io/pixel/google?google_gid=CAESEDWSdnbr6jw5ELLlURB9HvQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 4DC4
0
177 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 07 Feb 2022 11:44:16 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
settings
stat.media/counter/
450 B
1 KB
Script
General
Full URL
https://stat.media/counter/settings?payload=COeDAxIkYjQ4NTBlOWUtMDhkYy00ZWY2LTk2ODgtZmRmODZlMmIzYWQxGMbb_p_tLyIkYjYwMWI1ZTctZjc3Mi00MjI4LWExMjUtZWNhZGI5NGY4MTA2&cb=_callbacks____0kzcmmfpk
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.67 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir13.imcmdb.net
Software
nginx /
Resource Hash
360e0dac9b9b6febaf0f3f25407d9ae5c470ca9582778199937f875e8cad96c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
us.gif
sync.go.sonobi.com/
49 B
509 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
mixi.media/cookiematching/
43 B
880 B
Image
General
Full URL
https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGI0ODUwZTllLTA4ZGMtNGVmNi05Njg4LWZkZjg2ZTJiM2FkMRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjQ0MjM0MjU1ODE0GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGI2MDFiNWU3LWY3NzItNDIyOC1hMTI1LWVjYWRiOTRmODEwNhoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1644234256200
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Mon, 07 Feb 2022 11:44:16 GMT
Last-Modified
Monday, 07-Feb-2022 11:44:16 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:16 GMT
view
stat.media/counter/
0
135 B
XHR
General
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.67 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir13.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Mon, 07 Feb 2022 11:44:16 GMT
Server
nginx
Connection
keep-alive
user
comment.youmaker.com/api/v1/ Frame 6833
57 B
0
Fetch
General
Full URL
https://comment.youmaker.com/api/v1/user?site=www.ntd.com
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id
www.ntd.com

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
alt-svc
clear
content-length
57
expires
Thu, 01 Jan 1970 00:00:00 UTC
site
comment.youmaker.com/api/v1/ Frame 6833
91 B
278 B
Fetch
General
Full URL
https://comment.youmaker.com/api/v1/site?site=www.ntd.com
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id
www.ntd.com

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
91
expires
Thu, 01 Jan 1970 00:00:00 UTC
find
comment.youmaker.com/api/v1/ Frame 6833
123 B
310 B
Fetch
General
Full URL
https://comment.youmaker.com/api/v1/find?site=www.ntd.com&url=www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&id=627894&group=&sort=-time&format=tree
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/remark.js?v=2022012111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5

Request headers

x-provider-token
youmaker
x-xsrf-token
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url_id=627894&page_title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
x-access-token
x-site-id
www.ntd.com

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
via
1.1 google
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
app-version
0.1.2
x-robots-tag
noindex
alt-svc
clear
content-length
123
expires
Thu, 01 Jan 1970 00:00:00 UTC
swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame AA70
830 B
846 B
Stylesheet
General
Full URL
https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 04:12:45 GMT
Server
Apache
x-amz-request-id
0D17E012DBF02A02
ETag
"7570769c6f4af63877b73ce88e833efe"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=864000
Date
Mon, 07 Feb 2022 11:44:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
316
x-amz-id-2
SQo33vAUnoL1ApDTZV0ZKyfio7Y1YNZdhIYq2FrC7Vk2f3PAgtPZcYWYf9kqog8jHfjpSyxorrI=
widget.min.css
static.dable.io/dist/ Frame AA70
73 KB
10 KB
Stylesheet
General
Full URL
https://static.dable.io/dist/widget.min.css?202106141538
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
vhEKAQMtMwHCbv1zntOLld7ykyHm2Ieo
Content-Encoding
gzip
Last-Modified
Wed, 23 Jun 2021 08:27:13 GMT
Server
Apache
x-amz-request-id
62J9HGPDZ3D2DGQW
ETag
"b21f082c8bf7c670dc2314e542e4dcd4"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=86400
Date
Mon, 07 Feb 2022 11:44:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10090
x-amz-id-2
SN8nFyb88f0UafPGjopFBP6wdqHaYownVMvH8b4jtvdOvhHOLOTH08SSlqpErJIqY9cCjME+vh0=
css
fonts.googleapis.com/ Frame AA70
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 11:41:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Feb 2022 11:44:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Feb 2022 11:44:16 GMT
335060e154f5aad2351878eedb7067834c368.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/b7c/ Frame AA70
5 KB
5 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/b7c/335060e154f5aad2351878eedb7067834c368.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
ed928a8b3313a0bbbcfbaeab4b0fe4c74348fd41f10a61e997f9632b30e14248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Qq9y6CwcLoQfYr05y36Ql3bD.btboL2E
ETag
"d851e122ffe0f9c70d114515b80df1cb"
x-amz-request-id
ZTZHDZ7H64ZD9EA7
Connection
keep-alive
Content-Length
4865
x-amz-id-2
+WvQ2RTQnCGg9hYo3YPWIc2lixcWdTdvfYpbn+eKlpdggVHfUkGxr+b4/tM4Lvy77hb3hm2W9bs=
Last-Modified
Sun, 16 Jan 2022 20:19:16 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:17 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
eb630efa554aed15957b065ee249f585ef23b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/2ce/ Frame AA70
3 KB
4 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/2ce/eb630efa554aed15957b065ee249f585ef23b.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
70c14677599ca76ad45be8541dd9456785bd7f3ad42a5f5d6ae59b933bf97d88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
kX1Hxi2NStlYqQ1eBhb6fmcwx3Fvhwhw
ETag
"a5668dcfff4b29ff3579ab0dafb152c2"
x-amz-request-id
XYMC0BAMM2QJ0074
Connection
keep-alive
Content-Length
3172
x-amz-id-2
M5ryEHZcfwKwKaI9pNMXDTYGGFg6CgZZMNB3fPf1xsY/ELRT4ZWKZKFeFX5z8c8CHdfikwojJ8M=
Last-Modified
Sun, 16 Jan 2022 18:52:03 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
091a247fe92cf3ebd3e3a88e348fc8ee90194.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/3f6/ Frame AA70
5 KB
5 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/3f6/091a247fe92cf3ebd3e3a88e348fc8ee90194.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
49ef1501b7fe904a40d1619b72c95314823eb0b51938fe8ec17d8c53a8d01942

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
_ZLs9sujsae4EuwbYykz4USATa5r9UpT
ETag
"260d4031f3a8a94ba666d841f852875f"
x-amz-request-id
ZTZPZ6EM6D7028Z0
Connection
keep-alive
Content-Length
4618
x-amz-id-2
0gFAzyYuzEVvE0pvm7T85lbJLldaf872ZQgVZuKLJO9ktxmPjApD35cW9vVA4mBWTbzmLJduDmk=
Last-Modified
Tue, 20 Jul 2021 00:16:25 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:17 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
8eeddda8ce029f48a648454ff133db81b95e1.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/05f/ Frame AA70
5 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/05f/8eeddda8ce029f48a648454ff133db81b95e1.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
f6d1fc7b1a4aecf3d0df6a9ce5333a65433c37d15d2f920926855150fdd0b563

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
U98UgQNQtSKgNZqNwpqszh5N4326HYOa
ETag
"28090c3d0cc014fc9ef9214bdb75f0a4"
x-amz-request-id
ZTZVBMVDZ3N2NJK4
Connection
keep-alive
Content-Length
5095
x-amz-id-2
gtiBFgxMX3T7sIwDJ3AM125tnUZt6oFfps1j9U8wf03d6b7td3//0itbXE+bniPDXnxoGcfoS2E=
Last-Modified
Fri, 04 Feb 2022 22:40:41 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:17 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
df4cf801392c05b1a9f5893b084b27400a6b0.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/783/ Frame AA70
6 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/783/df4cf801392c05b1a9f5893b084b27400a6b0.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
1d8e36dc714344939ac5725a1586e9be7f5f4bfd8a039bd599459c916ad1a075

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
tgphNxRkaJRs.oZBuQ7QkpdSA_RwkYwc
ETag
"28d407bab76f54118b95c8ea1bb3545f"
x-amz-request-id
ZTZR04K5P7QSW939
Connection
keep-alive
Content-Length
5892
x-amz-id-2
jzcDoRAmWQmgKGCTzHWxZd3EBdrpYd6N0PBvZlCOVQ6KRt3rNSy1KGiA7d1vCP/c3j83UqQpqvk=
Last-Modified
Sat, 24 Jul 2021 02:40:08 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
99fd9fd87ad2b4f773e6883f8cbc275f04a4b.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/07d/ Frame AA70
6 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/07d/99fd9fd87ad2b4f773e6883f8cbc275f04a4b.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
f15754188217f5ea5d92a8d0ffc19a947ba87557dc5d48c6652b64c01d8fb0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Rw9poA.V0r5toYXZx0UjHoMzlTmTuJvN
ETag
"71abd00f45834ee4aed124fba4dfe166"
x-amz-request-id
ZTZQD85DVZCPG8AC
Connection
keep-alive
Content-Length
5950
x-amz-id-2
SE1mlOlvVEWQthWztEe3QjrCo30sAP1XLgw2FYMTphXbYD4qCSk+00JEBcROneE63Xx4dSauKSU=
Last-Modified
Tue, 01 Feb 2022 08:41:13 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
f6f6f6.png
static.dable.io/static/i/ Frame AA70
83 B
611 B
Image
General
Full URL
https://static.dable.io/static/i/f6f6f6.png
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding
gzip
Last-Modified
Tue, 02 Mar 2021 06:35:50 GMT
Server
Apache
x-amz-request-id
98B7C5EA7BF1576A
ETag
"c684e92ff40cdf977c18be6a031e6e54"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=864000
Date
Mon, 07 Feb 2022 11:44:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96
x-amz-id-2
LttdQ6L+2w5M+L6e4QDUjgL4om7Fxd4OzFJxhsTCD+O2GzorVmpFONzKxF58hn0cOzWt8Mab6yM=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame AA70
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 19:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Feb 2023 19:37:53 GMT
widget.min.js
static.dable.io/dist/ Frame AA70
56 KB
18 KB
Script
General
Full URL
https://static.dable.io/dist/widget.min.js?202111191719
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d24504fb8d7f46fc501b9cedb1d586b385e547c266b2ed61567c6e69ff28e5cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
T21JQxktq9qC9GROkf_jsXATU.wmSE9V
Content-Encoding
gzip
Last-Modified
Mon, 22 Nov 2021 02:58:05 GMT
Server
Apache
x-amz-request-id
DWMTY0XP0RTRY11Y
ETag
"04b2cd453775b0cf48d81ef33904a166"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
Date
Mon, 07 Feb 2022 11:44:16 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17775
x-amz-id-2
iy5qMphsNCI9Vn0btbpDqGngfrv6w5E3wU14ySHjl49PTpf/Ax4d6GQbh1bOd2hyaSeuh10I9pw=
view
securepubads.g.doubleclick.net/pcs/ Frame 7DA8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyvOkRiPx20TXVYdsXOPFzXM5zeXPaNTVrJX5tPFFwfZC2IwM204N7kpuM9zCKaM8on5hS9kXBqyDKynnc_E_RHOtR-xkQ7jFSv1XhWPYrwgPq9FMNLv0rZ4KBeqW4wkbMMsqI0ZZsQYxhWoGAyP4X-OtuqdkDSaKQVRTC8YfTg8LATE1Puwg2SzWRwJVyOc_x2nECRPZKQF7O-a2YJ97XOwHAgOJsiBTcAKx1wIXGYG6H7ZueO6OwNt-RmajosrmQb7SA2Zr9-zsqxBbFrclmVHBA7KezMYyZG2ZjgK8HnwJ65zPhO_APbg-FEYr05RUV9x0OwplwJEjpac7kTiGekZVIp1M&sig=Cg0ArKJSzN9RvQJQz4wIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DA8
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 11:44:16 GMT
1286732493618174170
tpc.googlesyndication.com/simgad/ Frame 7DA8
704 KB
705 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1286732493618174170?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c29c7af25062b94589535b92bf6a5868b7bad028d5a6494971f38bc530632cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 00:02:24 GMT
x-content-type-options
nosniff
age
387712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
720939
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 22:11:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 03 Feb 2023 00:02:24 GMT
prevnext2-snippet-ie.png
images.dable.io/static/i/ Frame AA70
288 B
906 B
Image
General
Full URL
https://images.dable.io/static/i/prevnext2-snippet-ie.png
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"78144ca1e42485765eff8fd58568ec78"
x-amz-request-id
M1HJX9VDJSQY5BDG
Connection
keep-alive
Content-Length
288
x-amz-id-2
6FayR3qHGOoFjiN1xvah7/HGnepN32wT2sRUhwCPJtdFwjAIyJ/X6le/kcPcMKhmmJDDqJbgwuA=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:17 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
logo-text-tiny-gray.png
images.dable.io/static/i/ Frame AA70
661 B
1 KB
Image
General
Full URL
https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"2260fca7dca92761058aace21a176daa"
x-amz-request-id
1E561FE0624D8037
Connection
keep-alive
Content-Length
661
x-amz-id-2
5d7cJPXCOhvlRFUPxUcdb9QIzZOIlY2dQwU57L0grTVcv0WSFCNyum5c7YrWqB+dtSmUmqzs0gE=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:17 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AA70
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://api.dable.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:07:55 GMT
x-content-type-options
nosniff
age
488181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AA70
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://api.dable.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
492267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:49 GMT
dot.png
images.dable.io/static/i/ Frame AA70
269 B
887 B
Image
General
Full URL
https://images.dable.io/static/i/dot.png?2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202106141538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"c6dbfa476effcbda5d070b19378fed29"
x-amz-request-id
EFDFBA4FB9A36553
Connection
keep-alive
Content-Length
269
x-amz-id-2
rxVO3Sx/yBld7FOuN/+/NtXk+kAQ902XbPTHvqCxTu9DTqL7BVur7Ph/ETs9ECf997ox6hM9TY0=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:17 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
fb40deba7a748c129cd1c512479364de1a086.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/b60/ Frame AA70
6 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/b60/fb40deba7a748c129cd1c512479364de1a086.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
8adab28592121bbe412b003fbf07cc59e1af4a40645b1c01d2854cc0efa5ab68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
_ukJSsx1RMJlZ8evCufF2Zi5nGMIZfGR
ETag
"c1b4ecbe753cc5085476fe6b370ceba3"
x-amz-request-id
XYMF1M8ZERAD0FTK
Connection
keep-alive
Content-Length
5714
x-amz-id-2
4VIXm9aK7SfjTyHqQrJnVHGyQqOpItw0CjSHmc76QxbCKENjgopCeuCSZU81LEwKDLzenORh56s=
Last-Modified
Fri, 14 Jan 2022 08:54:42 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
07ee6b06ea6222e3e57b44a9cce6033c0bded.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/cb7/ Frame AA70
6 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/cb7/07ee6b06ea6222e3e57b44a9cce6033c0bded.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
4b546a286a64da49d5a38cee327effa6244635c2d2d9482043329d2c20258236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
VZrxK22yvyV14.zPenTIrrLLrauXke5T
ETag
"26a6e1ded0c2208d64d531ab0b6cc91f"
x-amz-request-id
XYMEJE3YH6H600VG
Connection
keep-alive
Content-Length
6028
x-amz-id-2
r2oglEfKQ5ghFDfUifzWncvp/FJGKGe8jwc/4+ix7WP+PDHEeMrewbH9oSK10UR05qO6lZ5JSsE=
Last-Modified
Tue, 18 Jan 2022 17:24:54 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
786e9a9e71be9596ad4e44191b5d73f038fb8.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a4e/ Frame AA70
6 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/a4e/786e9a9e71be9596ad4e44191b5d73f038fb8.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
e5ad6c73c2a11052e7738f4fc5a8d251ec2d01b4555e19dc055b23b4f4972fee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
n61X57rdfPt4Ve11VOKEgnqMMnQG86aE
ETag
"410a11db6cb6f1a0c85e42f4e1c39620"
x-amz-request-id
XYM78DXKEAQ9P0V6
Connection
keep-alive
Content-Length
5876
x-amz-id-2
17giRm7jkBs9GTd6Fqmy0gsT96j6JwW3XfJzL/xZ7+kwpG3+BH+YW5f3CoADAlfrwuFjBCTeGeM=
Last-Modified
Sat, 15 Jan 2022 12:41:53 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
a515a53c385897037e20ed5ec476122bc5683.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/20e/ Frame AA70
5 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/20e/a515a53c385897037e20ed5ec476122bc5683.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8f9e8b7c1ffebd10c1d6836f58503cc2386531d674a13ff3963cd39d54d07f62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
FBxJD1SnLYAwDSsin_5pLY8NIYL0tkNT
ETag
"ceb5ff475a65877f71ff5bb46b7ec851"
x-amz-request-id
ZWF32C2CADFF94X5
Connection
keep-alive
Content-Length
5059
x-amz-id-2
4nWWzKTMFPv3kuHhAzdEFZ47Ft6T/uOhpXzVOqPwLSZvjIxZS9UuupTUFcRd3VB5vVvW3UCNHy4=
Last-Modified
Tue, 18 Jan 2022 05:06:33 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
6156a38840828439b57a679ee003e179c531f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/b91/ Frame AA70
5 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/b91/6156a38840828439b57a679ee003e179c531f.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
3ef3a8cdf36d880bc20ec83b993830b18b73d38f1935ab45817c2bfa592edf1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
qxj8uWdRSlIwk.J1yAMW2O_Pgol0Uc3e
ETag
"363d5fd5a30df9fada9f2e9ee80463d8"
x-amz-request-id
XYM7N3T1974BHWDB
Connection
keep-alive
Content-Length
5508
x-amz-id-2
RxbKDR32Hpm8wLU2WIKOzbOZLwJbPt86DKcraTTkazZuQZjOy//9D0H5z0Rg03Xdm5S0hholKgw=
Last-Modified
Tue, 25 Jan 2022 18:32:32 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
bfff7efd83bf3ca6ae6cc7d925c7b62eb416f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/d7f/ Frame AA70
5 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/d7f/bfff7efd83bf3ca6ae6cc7d925c7b62eb416f.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
470f1c700ca37f6b6d6de58ec9e24f37ab78bc70a7b2ec5c6773c7c1e77e4e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
hL4hsaUVCFUbn8IM3JzYLKV3.xu1Zowj
ETag
"03dec3ae06cdc5250390bdd7508531ad"
x-amz-request-id
XYMD538WW65HFGBK
Connection
keep-alive
Content-Length
5173
x-amz-id-2
0sVbpDotB5BPCNoEJ1LccO3TqxyP9E5RfmcCC+tbOxgofZ7i3uJbS4mqTIJtk2/HRrZcTWmyaMc=
Last-Modified
Thu, 20 Jan 2022 16:26:59 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:19 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
a9e19cd4a7642adfd84272ce48bdcbf348cfd.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/4a0/ Frame AA70
7 KB
8 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/4a0/a9e19cd4a7642adfd84272ce48bdcbf348cfd.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
4a7c0ba4d25a7ee64f06dbfc029c97310af5293d17ae5d8498bb6ef240401942

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Brh5UwSb3ahvJo4_zjkvAyQr05udc8Wr
ETag
"774eb474be57d5e44e8ee138615e466e"
x-amz-request-id
XYMB6DH2SXXQ55NX
Connection
keep-alive
Content-Length
7071
x-amz-id-2
KD97FmxsgX7X/QEsEKCMyv0M9WIo/oVBYAyw6x2PnmUT3YhltJqgm5NGZ3wcAKVJ2H0+Q7d+eoI=
Last-Modified
Sun, 06 Feb 2022 01:16:56 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:19 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
b655af9a555c54973487cc4e73402bd028501.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/f86/ Frame AA70
6 KB
6 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/f86/b655af9a555c54973487cc4e73402bd028501.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
ed265743d7728bce6c7452d3c32e7adb6e82c7c6b22035430273502ad02179b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
2y1LGVdNMKMAeEuetK74rc1x6OuLedbu
ETag
"b5b8f173e08039f9b2912df25e2830dc"
x-amz-request-id
XYMDMB1502W7CRSM
Connection
keep-alive
Content-Length
6018
x-amz-id-2
VdN89M2ikaSGDsx+qPLqjmo5vfzp/Zs/X75T0r5z30jMRlh+ZLtD5Of3lv5R/iD3H4rr+kvcp5Q=
Last-Modified
Mon, 17 Jan 2022 00:04:57 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:19 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
0d56db7b1ed7a3f69947463bc499f51215517.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/774/ Frame AA70
4 KB
5 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/774/0d56db7b1ed7a3f69947463bc499f51215517.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
3f68f0fe85088413ca07fb4bcfa54fd66513d9bd41e63492a8323241ae2fa8d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
w0wqBxMFkvA8m5jhzIz.rjEQ8bg06oh7
ETag
"b53cb95b04e82056353ce65ac92f3170"
x-amz-request-id
AKZN4CTCS1S8TVYB
Connection
keep-alive
Content-Length
4450
x-amz-id-2
mrYVismV/CYNzDWhG8sonm0pqKxrIIFV8rufAP6s3OBDjhqatcKhOveSHL0GKDmOSJXHm3zPNHk=
Last-Modified
Wed, 29 Dec 2021 20:59:00 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
fa08c8c5f36fa4e7e7ec477473097f2608c86.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/3ef/ Frame AA70
5 KB
5 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/3ef/fa08c8c5f36fa4e7e7ec477473097f2608c86.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
a6464fc0eb6b5fce0e5d8204f40d49c35defad5b7e4a9a9da9f7a1f29234d5e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
q5ozGUt0Fe1tgGtT_IhDytDGvQKo_Ro6
ETag
"a6d77c174aad8f40ecb91bd8d28cc7d3"
x-amz-request-id
8P4FM3E6DMJ98BMN
Connection
keep-alive
Content-Length
4954
x-amz-id-2
sLnpAOG4b9m57DdEM01aLC9tgh20dVvJ24jmTCiUmMGtUxl0+k+I5Eg7WAhV0rQkTCMmdbgaov8=
Last-Modified
Sat, 29 Jan 2022 23:48:26 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
6662ca1f45e0b8211c5822924e39bbca1fbd4.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a47/ Frame AA70
7 KB
7 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/a47/6662ca1f45e0b8211c5822924e39bbca1fbd4.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86241bf2c28287a901325479e6e81fc705d5f172eee72ec3a6689e89b356b65f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
z.rJYwdZ5DOd3FJZBOvsvhF1J9VB2RTl
ETag
"d22d34826eb8acd6bb5b870d0e25967b"
x-amz-request-id
EMR175T7B2WHZ77H
Connection
keep-alive
Content-Length
6820
x-amz-id-2
+uEVFsuxx6/mBnPoZXfE4P4c+UG0vvr5HrRaRCO4vODmacNuLc2VxCvCDe0jdLFfhydbJuDNHK0=
Last-Modified
Sun, 23 Jan 2022 03:43:25 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
1b18efa1637204d43244476b2126322e47f92.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/916/ Frame AA70
5 KB
5 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/916/1b18efa1637204d43244476b2126322e47f92.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
9bcbdab206f332717a183b0f4cfe9b02eb81364800a984e75137403be1aeacfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rOtt9tXPzGZVeEMeTYx_UKItX__llQma
ETag
"534afc3f33b2d079e0a59a555aa66105"
x-amz-request-id
Z8T3PYR06KD2K1TN
Connection
keep-alive
Content-Length
4799
x-amz-id-2
BbbPBZPVBYLg8Gq9p3Apov4z2bcP+P6tal9MbcDDWSXy/dnRmzWCwxIS5919HR+MApvEeYuXk3U=
Last-Modified
Mon, 08 Nov 2021 22:43:20 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:19 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
cbcaee4ca65ac2a3737fc2baf08bd4c87f626.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/468/ Frame AA70
2 KB
3 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/468/cbcaee4ca65ac2a3737fc2baf08bd4c87f626.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
873483f78bbcb7234d8d4522a3c208cd8e81e2348821fa94cb928175bd6e6f82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ISBTa09K47ehsJTlhDUSGox5JhwrRve3
ETag
"cb62f582c963b1804a57898fb0691bbf"
x-amz-request-id
RZ8SVBFJQKEC07RQ
Connection
keep-alive
Content-Length
2408
x-amz-id-2
Skh+xObEXmiBaLJHX7MXV8b04TLKTTM8AWdf9/20coU6l1IH07o9udExopcUD5bMSjywoZmm99s=
Last-Modified
Wed, 12 Jan 2022 18:36:48 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
8a4de077a56e615c2424101a58d2332beda7f.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/6c4/ Frame AA70
8 KB
8 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/6c4/8a4de077a56e615c2424101a58d2332beda7f.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
080002e98e845ca1703693ce57c6a28074f674975988e80a19778f404cc3ed0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
EXZxVh405yjgzVY9ivciFICgydnOAiRx
ETag
"343a29deeda517e2e3444b49ee32fbf1"
x-amz-request-id
R5P75A4A5DG8544V
Connection
keep-alive
Content-Length
7785
x-amz-id-2
6V4eNiB8Yah4vlTnfrlnHgmHM66zknNF0zNobbdk9UdWOO4C5Mqe8MF1HFwsSbjeKQX/6Nl/EN0=
Last-Modified
Sat, 15 Jan 2022 02:52:50 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
09f1e5f8eecb9188be2a7313792b5d1396ef4.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/a87/ Frame AA70
6 KB
7 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/a87/09f1e5f8eecb9188be2a7313792b5d1396ef4.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
b70d79c801f56d461c359b7473fff15431e96e097b460522081df050ce10a7fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
BzhCnr_WDvL_4N7ANVlp2XbH9aQ2MOmW
ETag
"e7fe132d6a9d164948e79cf80e9e4ae9"
x-amz-request-id
5BZ1N3YTQKACK5B1
Connection
keep-alive
Content-Length
6041
x-amz-id-2
4SQRxY3vM7+sIx5M3zSXPWmf+16a/mkJDDfiOzBKSPgWn1ytTyKFHEzPQNAP71KJbJvuskArYPw=
Last-Modified
Fri, 14 Jan 2022 02:39:01 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
e53c336648f97d9ae356de2ea0b3dd9a189aa.jpeg
images.dable.io/thumbnail/news.ntd.com/200X125/b29/ Frame AA70
4 KB
4 KB
Image
General
Full URL
https://images.dable.io/thumbnail/news.ntd.com/200X125/b29/e53c336648f97d9ae356de2ea0b3dd9a189aa.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
bd66e849a6201185b6d84b2b33c829983b230044446896091bf9df9408ff3a65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ZO8f4MCcFFAeottUrAGb1bcrDuIXq6Ge
ETag
"9bd38f449158b3e0ce9e59bae5e49a58"
x-amz-request-id
Z8TFN6DRYS2C4RHK
Connection
keep-alive
Content-Length
3802
x-amz-id-2
OeRLeAejUxGcjKCwY6NKEWdXpoXRMIIVIapevnVG+v8GfUGGN1nzaB207jZ2760FQ0Q1hBPiSuM=
Last-Modified
Sat, 04 Sep 2021 20:34:40 GMT
Server
nginx/1.20.0
Date
Mon, 07 Feb 2022 11:44:19 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
710ff02bd2abe225394cd46f743b767cc69c8.jpeg
images.dable.io/thumbnail/img.ntd.com/200X125/2f1/ Frame AA70
5 KB
5 KB
Image
General
Full URL
https://images.dable.io/thumbnail/img.ntd.com/200X125/2f1/710ff02bd2abe225394cd46f743b767cc69c8.jpeg
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c244c8c754aa51349f3c40e4d41fb2f46fe4c031c0c043a47b756be035d2683

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
s3rZxjufssHnYCThLaqHYW4UaDVYD_74
ETag
"7bd2713c06acc181253a95f794013fac"
x-amz-request-id
TRQ7QZ31EZH5M6TM
Connection
keep-alive
Content-Length
4826
x-amz-id-2
ygAQfwOn5MW8/Gg3ENTJbv/yBOxl8NhfiC3790UWjuJN9pqg6v9z1Vj1IJUAXnZ62ZuCs8DDCI4=
Last-Modified
Sun, 09 Jan 2022 15:21:21 GMT
Server
Apache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame 7DA8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQewEFNwaVyxFC5zovnEJ5b4M3E5c8Mw6Xjv55bsSwNsf_xgvfRVu1fXZESjE0CvmCQQ3O2e_FaaBo_8Lk9naeiWVSE03YIwmuDF_sZlFBjdR4kjr3FoffJn6zy9LEaVUGGfiRRfONbWE_KF--RR_UV0WOd38TMmANEjA59hMApvuBHsjm4_VZ8NpTkoUnn15QO0kT6vRSJZ6ynAbeIhayfyBGw51c0ETLI6w-MULjYJdP4N0ak38wdamWSjNlusMFT3yu6IZ0y5e3uM7MByQyOcDXhBw9UTDxJypKWNQFsX_f0mA7y_DntKjdrtWeCFKCshRlyy8yXR0&sig=Cg0ArKJSzGgP1C_8z2LBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 07 Feb 2022 11:44:16 GMT
truncated
/ Frame 7DA8
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd50e251c4824bcebbc68e52ab04aa82e679a28547a700fd79a67002c2bfc2a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
rtbsspub
xch.media.net/AdExchange/
13 KB
2 KB
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=37588093845714361644234257048&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=445443433*175%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*178%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*201%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*203%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*214%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*222%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1%40445443433*229%7C300x250~300x600%7C8CU734595%7C375117874~277543751%7C%7C%7C1%40445443433*251%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.05931825652908729&tscode=1&crid=445443433&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22445443433%22%3A%7B%22supply_tag_id%22%3A%22right_column_ad_0%22%2C%22xps%22%3A1214%2C%22yps%22%3A867.234375%7D%7D&encryptionVersion=0.0
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
6acab0f87e2f888a567b5b0bf1f8107bdf161ec57460aa9f11bc356f66827ee9

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/
2 KB
942 B
EventSource
General
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=34464450081604941644234257049&gdpr=1&gdprconsent=0&cid=8CUBNN02K&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=445443433*97%7C300x600~300x250%7C8CUBNN02K%7C445443433_8CUBNN02K~445443433_8CUBNN02K%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.0710496122654316&tscode=1&crid=445443433&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.ntd.com&https=1&requrl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&taginfo=%7B%22445443433%22%3A%7B%22supply_tag_id%22%3A%22right_column_ad_0%22%2C%22xps%22%3A1214%2C%22yps%22%3A867.234375%7D%7D&encryptionVersion=0.0
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5b742cf2a72cd7f6fdcf26a9033e40e4821971718b760707df2b3a849e043e42

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
19 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3655452946979809&correlator=3065812546569998&output=ldjh&impl=fifs&eid=31064719&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=5965368%2Cntd.tv_336x280-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=first_article%3Dtrue%26amznbid%3D1%26amznp%3D1%26mnetPageID%3D11%26mnetCC%3DDE%26mnetCV%3D1%26mnetUGD%3D4%26mnetCID%3D8CUBNN02K%26hb_abt%3Dhb%26mnetDNB%3D1&eri=1&cust_params=ENTD_category%3Dchina-10%252Celection-integrity-36899%252Cinternational-19679%252Cny-13616%252Cnews-8%252Cpolitics-5990%252Cus-9%252Cworld-11%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&cookie=ID%3D8efcf3f54232ee53%3AT%3D1644234255%3AS%3DALNI_MY-shJ-fqPY_BnOu06fDw2nHCVLrg&bc=31&abxe=1&dt=1644234257103&lmt=1644234257&dlt=1644234254623&idt=1109&frm=20&biw=1600&bih=1200&oid=2&adxs=1028&adys=867&adks=2760480871&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&vis=1&scr_x=0&scr_y=0&psz=372x0&msz=372x0&psts=AGkb-H-ffAEnlCwRM3HcRAivwn4APzWiRRuMve7SjYjpHmBNWysvTaq2fcDNNnuT_VGD74TFOk32UhJOcqY_xPY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1209118702.1644234255&ga_sid=1644234256&ga_hid=880469812&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
159f8542ae9d703b82867b64c59c12cac589e43d87be967fccb2f25a45aa70b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8778
x-xss-protection
0
google-lineitem-id
5901908563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138379786852
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DA8
42 B
497 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxA-RFRw3h5Q6Sbds-JkgQcJzaQqgl_o1ODpWHqHbvojeCMnR5x0e6AGpJ6Io4FQ8VpEBavNnzs5y-58b6OzDXh3kZfU47whpEGP1ZsxqhgPq8Ws3M&sig=Cg0ArKJSzHu3Yfff9uxYEAE&id=lidar2&mcvt=1000&p=135,315,385,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1030851624&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644234256578&rpt=164&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 132D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHdvKFOMZsOjT4T-txWcoN0fRuqSS475ukxrmAmCLr84_n4MBW8Y1fyUW6OpyhjZZYWQs1eSUDzvVVx_CZpG7BIzIIjQ0dBX8JwXxnN2joReaQA9ME6MmHr-5OLK9v5Iy_4x9RAkDOxzSGxScGDrbkQJcIfjN4BfWA_6nopSq6ArXHk9-RWtnXcEdqDgG7qFaKatAcVFrW-bKd9wrxaGY9jamT4MiD3TVc3OhfZRV4ePzXnxpXHDxB3XxHudus1DP_6v4_B3WiLADDW1rarBViuRkg7DxWJI98uMPeyW17QRUmrkd7xsyo2qbjFD6wkc4tDAgn4W4EKjqkBFI&sig=Cg0ArKJSzP_8GKBbGTxjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 132D
123 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 11:44:17 GMT
2872466857294283577
tpc.googlesyndication.com/simgad/ Frame 132D
214 KB
214 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2872466857294283577?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aad2d63ef62494907810c6a1a3a47e827e3c0a4babce855cadf0fc16cf397a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 06:51:25 GMT
x-content-type-options
nosniff
age
276772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
219539
x-xss-protection
0
last-modified
Fri, 28 Jan 2022 03:27:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 04 Feb 2023 06:51:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 132D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR6kfobnSgm8X9YqykXXiUmPum_4mIwoGcIoloOkcCn0vl-QHgmvybipel1fLkbI0u9RSUZ_hXc2846itI-s-XS2r3MXocDh1eveFzuNZeonJcP2sf-lOwJeeT-AaCC5DmURgfatXSpM7bxuLxJbkC8KF__Z_AUuMQKOaHdyMs3NUi0Ei13YKWqF0aGN6yeqPY2_6JM-Z8R-vM2tejQ4SXL4o0PiHWA-jOOi913IBDm17ATpktvikYqu4A0CDcub19e1p3tdTxIOwbBg0ed8rO-2CYJ12ctrvQnLDJoHyKrBnqINqypPtyNRHOSrrpeVY&sig=Cg0ArKJSzDdYBlb-A_0_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 07 Feb 2022 11:44:17 GMT
truncated
/ Frame 132D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b85a7e045a0d21f773407d472f66223e8050551b824a111cd2e44059687b244

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
async_usersync.html
acdn.adnxs.com/dmp/ Frame D689
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 06 Feb 2022 02:33:27 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 07 Feb 2022 11:44:17 GMT
Age
33049
X-Served-By
cache-lga21969-LGA, cache-hhn4042-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 497650
X-Timer
S1644234258.999363,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8F40
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 06 Feb 2022 02:33:27 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 07 Feb 2022 11:44:18 GMT
Age
33049
X-Served-By
cache-lga21969-LGA, cache-hhn4039-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 494635
X-Timer
S1644234258.001478,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6F34
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 3F9B
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

date
Mon, 07 Feb 2022 11:44:17 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d9c5d90582a5b3e-FRA
showad.js
ads.pubmatic.com/AdServer/js/ Frame AB56
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=149680
expires
Wed, 09 Feb 2022 05:18:57 GMT
date
Mon, 07 Feb 2022 11:44:17 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E7FE
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 885B
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 07 Feb 2022 11:44:17 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7CBC
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=149680
expires
Wed, 09 Feb 2022 05:18:57 GMT
date
Mon, 07 Feb 2022 11:44:17 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 13FF
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6456
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=149680
expires
Wed, 09 Feb 2022 05:18:57 GMT
date
Mon, 07 Feb 2022 11:44:17 GMT
vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 20BF
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

date
Mon, 07 Feb 2022 11:44:17 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d9c5d9068345b3e-FRA
pd
u.openx.net/w/1.0/ Frame C22E
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 07 Feb 2022 11:44:17 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame BACE
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 80A4
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5167
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=149679
expires
Wed, 09 Feb 2022 05:18:57 GMT
date
Mon, 07 Feb 2022 11:44:18 GMT
vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 2221
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d9c5d9088655b3e-FRA
pd
u.openx.net/w/1.0/ Frame 1C38
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 07 Feb 2022 11:44:18 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
cdn.districtm.io/ids/ Frame 63C3
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d9c5d90886f5b3e-FRA
async_usersync.html
acdn.adnxs.com/dmp/ Frame 15F3
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 06 Feb 2022 02:33:27 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 07 Feb 2022 11:44:18 GMT
Age
33049
X-Served-By
cache-lga21969-LGA, cache-hhn4042-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 497652
X-Timer
S1644234258.018931,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8ABC
0
35 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 07 Feb 2022 11:44:18 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7263
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Sun, 06 Feb 2022 02:33:27 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 07 Feb 2022 11:44:18 GMT
Age
33049
X-Served-By
cache-lga21969-LGA, cache-hhn4039-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 494637
X-Timer
S1644234258.034763,VS0,VE0
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 6F34
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d63292fd95a28ebf1fb0c272b04f7ee06089b90afe614d21248a0c4d79f66358

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22894
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 07 Feb 2022 18:05:52 GMT
async_usersync
ib.adnxs.com/ Frame D689
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f81fa991-1b3e-4066-8c5b-02d953487da3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8F40
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5b9f035a-ca78-43c6-b4f7-344d08fcf502
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 15F3
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
55de5b84-daa3-4652-9928-63029ceb01fe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7263
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e6c286ad-cd84-40ca-9c3b-6ecad4540dd8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4049
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a706f7f15a01951042ac975de625cbb92c53ce143a358e1f3e611c6b4dd3f0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|111|4|196|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Content-Length
1572
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame A7D9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d97e593468a02272d5c689b72d2e57188aa87710994719831d85431398d6ea57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|64|57|195|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Content-Length
1771
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 6996
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86e734a9cf822d2d5e69caa0567b1ce0dbba0b5d661ee0f07a8fda66352ec0da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|191|188|206|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Content-Length
1673
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 675F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d2e437d4177a545dad9b06a4b34db2b121bbfb5857b4eaee9bf6a153059d5b0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|40|65|176|26
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Content-Length
1626
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 07 Feb 2022 11:44:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Connection
keep-alive
rubicon
match.adsrvr.org/track/cmf/ Frame 6F34
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6F34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmEwNzgxNmIwY2JiMjYxMzZjYmJjZGVkOTYxMjA0ZTAyNDZmODQ0Mg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmEwNzgxNmIwY2JiMjYxMzZjYmJjZGVkOTYxMjA0ZTAyNDZmODQ0Mg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmEwNzgxNmIwY2JiMjYxMzZjYmJjZGVkOTYxMjA0ZTAyNDZmODQ0Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6F34
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=476b6201-0612-4200-8acf-07bdc7c9b032
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=476b6201-0612-4200-8acf-07bdc7c9b032
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=476b6201-0612-4200-8acf-07bdc7c9b032
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Feb 2022 11:44:17 GMT
tap.php
pixel.rubiconproject.com/ Frame 6F34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOL2wTqKc-jlymNFFalDlpU&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOL2wTqKc-jlymNFFalDlpU&google_cver=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOL2wTqKc-jlymNFFalDlpU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 6F34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCMMFI1-V-L71C&sigv=1&esig=2~49d195908a0cbdbfa92caf8b58151a9632db569e
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCMMFI1-V-L71C&sigv=1&esig=2~49d195908a0cbdbfa92caf8b58151a9632db569e
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCMMFI1-V-L71C&sigv=1&esig=2~49d195908a0cbdbfa92caf8b58151a9632db569e
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6F34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5fTVn4tEPBUV49yFwfJuwA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8837050713991943263
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8837050713991943263
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Mon, 07 Feb 2022 11:44:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8837050713991943263
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
709414.gif
id.rlcdn.com/ Frame 6F34
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

tap.php
pixel.rubiconproject.com/ Frame 6F34
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgEGEgAEXRFMCgAy
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgEGEgAEXRFMCgAy&_test=YgEGEgAEXRFMCgAy
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgEGEgAEXRFMCgAy&_test=YgEGEgAEXRFMCgAy
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644234258.484508,VS0,VE0
x-served-by
cache-cdg20779-CDG
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgEGEgAEXRFMCgAy&_test=YgEGEgAEXRFMCgAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dcm
s.amazon-adsystem.com/ Frame A7D9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F9W9N5XERE3EQW2M8A8T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
86AGFT1MHK97HEJNCV15
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A7D9
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgEGEnUTT6Mn9KT7ypwHIgAABFkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A7D9
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A7D9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEjeSzzYjxlomw27FrAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
43 B
1001 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A7D9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646826258
43 B
998 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646826258
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:17 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646826258
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame A7D9
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519453469972
43 B
1007 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519453469972
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588519453469972
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame A7D9
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f8863e60-15c9-43a8-823f-c2ca9a42107a
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f8863e60-15c9-43a8-823f-c2ca9a42107a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f8863e60-15c9-43a8-823f-c2ca9a42107a
date
Mon, 07 Feb 2022 11:44:18 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A7D9
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1007 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Mon, 07 Feb 2022 11:44:18 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A7D9
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgEGEnUTT6Mn9KT7ypwHIgAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:18 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2031
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 12:18:09 GMT
dcm
s.amazon-adsystem.com/ Frame 4049
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HPDGS9HX63VD1YDP729A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GHPY51Q40BC3QS9A2Y03
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4049
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4049
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
43 B
1001 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4049
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
match
c1.adform.net/serving/cookie/ Frame 4049
0
331 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 4049
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7921785846982813187
43 B
1008 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7921785846982813187
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7921785846982813187
pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4049
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

date
Mon, 07 Feb 2022 11:44:18 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
tpid=YgEGEjeSzzYjxlomw27FrAAA%261157
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 4049
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YgEGEjeSzzYjxlomw27FrAAA%261157?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgEGEjeSzzYjxlomw27FrAAA%261157?gdpr_consent=&us_privacy=&gdpr=1
49 B
737 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgEGEjeSzzYjxlomw27FrAAA%261157?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.240
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YgEGEjeSzzYjxlomw27FrAAA%261157?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.25.131
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4049
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgEGEjeSzzYjxlomw27FrAAA%261157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:18 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2031
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 12:18:09 GMT
dcm
s.amazon-adsystem.com/ Frame 6996
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G0QEEN2JPYSEGHQFXGRB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8R6QXSS2HG06QHMNWFJ4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6996
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6996
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6996
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
43 B
1001 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 6996
43 B
261 B
Image
General
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
last-modified
Mon, 07 Feb 2022 11:44:18 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 07 Feb 2022 11:44:19 GMT
CookieIndex
rtb.adentifi.com/ Frame 6996
0
88 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.197.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-197-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
sync
ups.analytics.yahoo.com/ups/55940/ Frame 6996
0
124 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YgEGEjeSzzYjxlomw27FrAAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
YgEGEjeSzzYjxlomw27FrAAABIUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6996
43 B
989 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgEGEjeSzzYjxlomw27FrAAABIUAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:58ff:414:f08:16d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6996
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgEGEjeSzzYjxlomw27FrAAA%261157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:18 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2031
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 12:18:09 GMT
pixel
cm.g.doubleclick.net/ Frame 675F
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 675F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgEGEnUTT6Mn9KT7ypwHJAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
43 B
1001 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECbgSJfEwrZcqk-AD5DlixA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 675F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 675F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2VZX38M3K2HPE86MB0QJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GDQ8JA4KEASRZEVHSF2C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAABFkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 675F
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644320658&gdpr=1
43 B
315 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644320658&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644320658&gdpr=1
pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
113
match.deepintent.com/usersync/ Frame 675F
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
content-length
0
server
b
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 675F
0
99 B
Image
General
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YgEGEnUTT6Mn9KT7ypwHJAAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12819
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 675F
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgEGEnUTT6Mn9KT7ypwHJAAA%261113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:18 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2031
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 12:18:09 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame F5A4
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.ntd.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
a35f0d2c403e7f02e18e8c2acffa612aa3c8c5575141a3fc922b99a10fa5f5ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 07 Feb 2022 11:44:18 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 07 Feb 2022 11:44:18 GMT
pragma
no-cache

Redirect headers

date
Mon, 07 Feb 2022 11:44:18 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
crum
dsum-sec.casalemedia.com/ Frame F5A4
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=f7ae8aa5-dcae-4fde-806c-e049f14c94fa&expiration=1651923858
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Feb 2022 11:44:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 132D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvg7HtfY1WqpWIVdAWpsO4Hr9DLq85PBPgpcKhkUDip-jC7NjVOoptq8Ju9wrdHN1RH349BK8vF8rkQ5Xi3rcRb-Je_y6Tjn2z2JZBI0FjxZjymDRrM&sig=Cg0ArKJSzGhRJJeXzVvBEAE&id=lidar2&mcvt=1000&p=867,1064,1467,1364&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220202&bin=7&avms=nio&bs=1600,1200&mc=0.56&app=0&itpl=19&adk=2760480871&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644234257785&rpt=89&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D689
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:19 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d113e8e6-795e-4227-b124-7703a9550483
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8F40
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:19 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e83b9b3f-e08f-432c-ab70-77b04e3648f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 15F3
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:19 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f34ae501-d07d-4ab9-a135-a04d725f3643
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7263
0
729 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Feb 2022 11:44:19 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
05103aa6-cb24-4645-b201-3eb606ba0b8a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
checksync.php
hbx.media.net/ Frame 0025
28 KB
10 KB
Document
General
Full URL
https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=3018%2C3015%2C97%2C77%2C188%2C3008%2C208%2C255%2C109%2C117%2C3014%2C2026%2C159%2C3012%2C222%2C201%2C203%2C273%2C2027%2C225%2C229%2C2030%2C2033%2C214%2C59%2C184%2C141%2C3007%2C3%2C2034%2C178%2C80%2C251%2C186%2C246%2C226%2C108%2C193%2C157%2C3017%2C3016%2C126%2C175&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a439b42852f9a1838bdd482fc7380de5fed31d8e20b44d72043c9d130d99548e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 09 Feb 2022 11:44:19 GMT
date
Mon, 07 Feb 2022 11:44:19 GMT
content-length
9869
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67a713f396bba7b6030f985556be693da6012961ee9916d05b1f944a0dbc8c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 11:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9826
x-xss-protection
0
view
stat.media/counter/
0
135 B
XHR
General
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.162.95.67 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
sm-server1-1.smir13.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Mon, 07 Feb 2022 11:44:19 GMT
Server
nginx
Connection
keep-alive
ge.js
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/
25 KB
26 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.132.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6e88237108127024092b10e93eb3e08ef39c2b9f293339f84b0640a746f37ac0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 11:44:21 GMT
Last-Modified
Sun, 21 Nov 2021 17:31:13 GMT
Server
AmazonS3
x-amz-request-id
W76S56PAXH8Y7MQ9
ETag
"d3e7c690ed8fb30d767f4a9c2818372f"
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
25848
x-amz-id-2
Q7wOeVLHtluoEFjcnln6jGNPtjW0mdsoylyWsDkuyG+qSc7fMCFKqHsJEVu7cg8D2hwdOUPKzrs=
Expires
Tue, 21 Dec 2021 17:31:11 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
  • https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=critical%2dentities%2dtargeted%2din%2dsuspected%2dchinese%2dcyber%2dspying_627894%2ehtml
  • https://a.clickcertain.com/px/?c=2455d1796b86efb
3 KB
2 KB
Script
General
Full URL
https://a.clickcertain.com/px/?c=2455d1796b86efb
Protocol
H2
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f94c612cee9b08a6141930dc126e3bb7c1bd48668f36400ab46e9a2df8e1adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:20 GMT
content-encoding
br
x-frontend
cc-nginx-746688cd7c-dwzrc:cc-nginx-746688cd7c-dwzrc
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
6392a4f2-6175-9ba5-b1aa-e7a79a94f885
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyzrNoJmT%2BSy3h8KIPpOebWEYw4tlpvgxKn6i4qX9hI%2FwI2oNjYhIsGpoUXhYg6hSJnSzVZFnJFVNx0YwtyVJZOA9RPhQw1wFWv7FAw8j6xI0e2AgkkjPMoG%2BM%2FDZGVozb2vKqbchCeEDjNL8ZHPCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-envoy-upstream-service-time
17
cf-ray
6d9c5d9e2ee05a1f-MXP

Redirect headers

date
Mon, 07 Feb 2022 11:44:20 GMT
x-frontend
cc-nginx-746688cd7c-ngln4:cc-nginx-746688cd7c-ngln4
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
902d96c8-1eb8-941f-8ee1-b59e250df420
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ5dHzzSMzTPkDxdGrOqxdI4WFYedVIr14nurQOrZwIMKIBu727EzaZgTnPJWaLN4fIvEfgF8yN1o0St3LDRDgOtD9vCqq2pWjiLFrcRoymRQrYGjIFchf0mUbouAPmi0waY2laNwmbqxhdrDmiEOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://a.clickcertain.com/px/?c=2455d1796b86efb
x-envoy-upstream-service-time
34
cf-ray
6d9c5d9ceb115a1f-MXP
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 11:44:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CB3A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Feb 2022 11:43:58 GMT
expires
Tue, 07 Feb 2023 11:43:58 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E51B
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c7aa71aef29ba71b7ecd353df3c9f5a6eca5f47c7683649ee286ba4d2b09482
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wkxnPrzL5+9axP8ZuNZeWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Feb 2022 11:44:19 GMT
date
Mon, 07 Feb 2022 11:44:19 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wkxnPrzL5+9axP8ZuNZeWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
pagead2.googlesyndication.com/bg/ Frame CB3A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 10:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
178070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Feb 2023 10:16:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E51B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020101&jk=3655452946979809&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

log
c21lg-d.media.net/ Frame 0025
35 B
194 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2872358597578893000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUBNN02K&cs=1&cv=37&hb=1&prvid=3018%2C3015%2C97%2C77%2C188%2C3008%2C208%2C255%2C109%2C117%2C3014%2C2026%2C159%2C3012%2C222%2C201%2C203%2C273%2C2027%2C225%2C229%2C2030%2C2033%2C214%2C59%2C184%2C141%2C3007%2C3%2C2034%2C178%2C80%2C251%2C186%2C246%2C226%2C108%2C193%2C157%2C3017%2C3016%2C126%2C175&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 07 Feb 2022 11:44:20 GMT
generate_204
tpc.googlesyndication.com/ Frame CB3A
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?yU6AIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
impression
api.dable.io/logs/services/ntd.com/users/69007821.1644234255980/ Frame AA70
2 B
94 B
XHR
General
Full URL
https://api.dable.io/logs/services/ntd.com/users/69007821.1644234255980/impression?source=627894&pick=&rm=10.1.5&cm=0.0.0&channel=side_bar_widget.default&reco_type=personalized-related-news&cid=69007821.1644234255980&widget_id=Ql9OO5o4&request_id=k2rx2ozA7f5qlwRq&reco_list_lz=NobwRAlgJmBcYHYBMAOJAWFYA0YC2ApgC4AWA9jPAIwAMAdFXQKxgC%2B240ciqSVAbDnzFylMLQbM2HSGIQBmDPKpDCpCtwmMW7TnPn8D6VSI3V626Xu4KaATiYrca0ZotTdsm-PS%2Bsz0zEtDxkueGR%2BFDsnYXUg9x1QuVR%2BJn9Y13NJROtwpAQUdCQTOLdsqy88lAMEEszxBIqwxGVq4wDSrMtPZuQ7OwRajvrgnMqW-gQmFmGzBvKe5IK0urnRpv1UqdX4haTveTskGYy1xsXvGmQTlzO93Jb5K5odsu79vP50JnlXrpCHsgEPxDH95u9AU9DDFbrsIeMFEwinYwesLnkmPZ0rC3h4ALpAA&uri=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:20 GMT
server
nginx/1.20.0
content-length
2
content-type
text/plain; charset=utf-8
impression
r-log.dable.io/s/ntd.com/u/69007821.1644234255980/ Frame AA70
35 B
140 B
Image
General
Full URL
https://r-log.dable.io/s/ntd.com/u/69007821.1644234255980/impression?source=627894&pick=&rm=10.1.5&cm=0.0.0&channel=side_bar_widget.default&reco_type=personalized-related-news&cid=69007821.1644234255980&widget_id=Ql9OO5o4&request_id=k2rx2ozA7f5qlwRq&reco_list_lz=NobwRAlgJmBcYHYBMAOJAWFYA0YC2ApgC4AWA9jPAIwAMAdFXQKxgC%2B240ciqSVAbDnzFylMLQbM2HSGIQBmDPKpDCpCtwmMW7TnPn8D6VSI3V626Xu4KaATiYrca0ZotTdsm-PS%2Bsz0zEtDxkueGR%2BFDsnYXUg9x1QuVR%2BJn9Y13NJROtwpAQUdCQTOLdsqy88lAMEEszxBIqwxGVq4wDSrMtPZuQ7OwRajvrgnMqW-gQmFmGzBvKe5IK0urnRpv1UqdX4haTveTskGYy1xsXvGmQTlzO93Jb5K5odsu79vP50JnlXrpCHsgEPxDH95u9AU9DDFbrsIeMFEwinYwesLnkmPZ0rC3h4ALpAA&uri=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&is_gif=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.79.156.248 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.dable.io/widgets/id/Ql9OO5o4/users/69007821.1644234255980?from=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&cid=69007821.1644234255980&uid=69007821.1644234255980&site=ntd.com&id=dablewidget_Ql9OO5o41&category1=China&ad_params=%7B%7D&item_id=627894&item_pub_date=2021-06-15T10%3A58%3A55-04%3A00&pixel_ratio=1&client_width=372&network=non-wifi&lang=en&pre_expose=1&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 11:44:20 GMT
server
nginx/1.20.0
content-length
35
content-type
image/gif
plugin.min.js
static.dable.io/dist/
107 KB
34 KB
Script
General
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.121.183.2 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-183-2.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
LnUEiQicLR0PB_19rEBkqllnYGNw9feA
Content-Encoding
gzip
Last-Modified
Wed, 17 Nov 2021 07:32:04 GMT
Server
Apache
x-amz-request-id
ENYC27HPRJAQNJ7A
ETag
"8149da179cc4858e221e9c80dc7ccd6c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=78006
Date
Mon, 07 Feb 2022 11:44:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33936
x-amz-id-2
Ai18JKIkcI4tcAVy/8HMX8J3+hqyHec7CrgMrZtpvg3yyVSUV0xfs8ker2NB9R4+JO7C14FuZO8=
view
api.dable.io/logs/services/ntd.com/users/69007821.1644234255980/
54 B
201 B
Script
General
Full URL
https://api.dable.io/logs/services/ntd.com/users/69007821.1644234255980/view?url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=627894&items%5B0%5D%5Bc1%5D=China&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&cid=69007821.1644234255980&z=67388&callback=dbljson4
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
66e873224f8f45d8352d754911e3ab1220145e5d8a89b52338dba1fbb61f64bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.0
content-type
text/javascript; charset=utf-8
view
r-log.dable.io/s/ntd.com/u/69007821.1644234255980/
54 B
198 B
Script
General
Full URL
https://r-log.dable.io/s/ntd.com/u/69007821.1644234255980/view?url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&ref=&lang=en-US&items%5B0%5D%5Bid%5D=627894&items%5B0%5D%5Bc1%5D=China&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&cid=69007821.1644234255980&z=67388&callback=dbljson5
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.79.156.248 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-79-156-248.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
654d20411dda7f4c4ae35fa468aed9ac3c35e7d38b20f8a0c2b2793534f562ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 11:44:20 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
content-length
54
content-type
text/javascript; charset=utf-8
google
adx.dable.io/pixel/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://adx.dable.io/pixel/google?google_gid=CAESEOHoCncaorExh_UMXbE4OXY&google_cver=1
35 B
206 B
Image
General
Full URL
https://adx.dable.io/pixel/google?google_gid=CAESEOHoCncaorExh_UMXbE4OXY&google_cver=1
Protocol
H2
Server
3.39.1.125 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-39-1-125.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:20 GMT
server
nginx
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adx.dable.io/pixel/google?google_gid=CAESEOHoCncaorExh_UMXbE4OXY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/
47 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.126.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-126-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4ba0b86c4c223c8cfcbdb4d002d9167fd346d6b07850fccd9e9585222ca8f9a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
content-encoding
gzip
x-f1
1
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=69007821.1644234255980
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
0
493 B
Image
General
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
Protocol
H2
Server
121.53.104.194 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain;charset=UTF-8
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220207%22,%22u%22:%2269007821.1644234255980%22%7D%7D
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
0
main.gr.19.8.284.js
static.adsafeprotected.com/
189 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 17:07:13 GMT
content-encoding
gzip
age
1017428
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 26 Jan 2022 16:52:12 GMT
server
AmazonS3
etag
W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary
Accept-Encoding
x-amz-version-id
dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
_sdj19twBhkXD8pgKlCbfRCP_7Lhk8Qm94J-EI6tH64VQVJ8YxoUZQ==
sca.17.5.12.js
static.adsafeprotected.com/ Frame B0F4
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
11158550
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
0krM86UiFSasAMSbJI2rc4tG351iQdglDKOTrIY3jYilqaV0GKFJqA==
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null&adsafe_url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.ntd.com%2F&adsafe_type=f&adsafe_jsinfo=,id:78db95a1-ee65-d4c3-776f-a5b472b883c9,c:3xcLAk,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-75665b65c-jv5t6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:180.105.1240.5906,am:a,cc:0.0.1600.6943,piv:19,obst:0,th:0,reas:l,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:80,fm:sWKPokI+1*.931153%7C111%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1o11%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:109,oid:49a01bb0-880b-11ec-8dc3-6a7745acd784,v:19.8.284,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.126.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-126-50.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
x-server-name
app25.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=78db95a1-ee65-d4c3-776f-a5b472b883c9&tv=%7Bc:3xcLAm,pingTime:-8,time:110,type:l,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:108,wc:0.0.1600.1200,ac:180.105.1240.5906,am:a,cc:0.0.1600.6943,piv:19,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B26~1%5D,as:%5B26~1240.5906%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sWKPokI+1*.931153%7C111%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1o11%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.88.222 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=78db95a1-ee65-d4c3-776f-a5b472b883c9&tv=%7Bc:3xcLBl,pingTime:-2,time:171,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:7542,bdZ:7680,beA:7682,beZ:7683,mfA:7762,cmA:7764,inA:7764,inZ:7768,prA:7768,prZ:7777,si:7791,poA:7792,poZ:7833,cmZ:7833,mfZ:7833,loA:7840,loZ:7841,ltA:7852,ltZ:7852%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:19,vs:o,r:l,w:1240,h:5906,t:108%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:171,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:108,wc:0.0.1600.1200,ac:180.105.1240.5906,am:a,cc:0.0.1600.6943,piv:19,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B87~1%5D,as:%5B87~1240.5906%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sWKPokI+1*.931153%7C111%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1o11%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,slid:%5B%5D,sinceFw:60,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.88.222 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020101&jk=3655452946979809&bg=!pKelp-PNAAYZkRhwGZE7ACkAdvg8WtZl7zylFXZ-IdcI8-mD0WhnFsaPeEX5nPzy0Qp3t1FFMKq2TAIAAABnUgAAAANoAQeZAr4zpSjASdonAsUNXc80-P15I6LUfkzCjp-l74PasbmyDGRg0UM3ZyXb1ZWc0QrtfsFtmyI3uc-dtNkiYiAqlEGtz_hdrWubbNwn1Y1DW9k2bn4I0WDEp1IPDmHSfvAnnvFj6ueW-13-dJy-5zP2ldHuGkDcGGAZty_yGSi2jsZMyCVO92Cw9HCU40cpcJU8M0F-49ud8SaZKHjZZkOROwIWeVRSGTYgfDzUxigkuQtOW5dUqgVP7Wr8hvIK-CAW3xifPhYRa-vcjlR0KtBpYy3kvSZTK3ysRXKXY9K3XaYJFKX5hzpYKL1-ovRaJxx5krt50jzSgXiY7eplpO1C7eQE4a2y9JkgcGnrRyo6Wh3Y4DOx13aRTROSqHrCveF_EpYCsYEaK5LX6kDoGdalczq0gD6UkGBOOmuG3mZ5iopfc8ABefSlOfUy4geoGps63cY3yWFtR0694W1qFHmRt8_ZXNWbBYYajsqUYN3PMdXl9E9R27BYuo-usrZNtdFK0o6j_ulP4csLKo8hv5rMCgar9WrEOIaSQZPAIM71mvyJ7RDPD_HZuCxSBDVWLCIMrfgoWbGUX0NPYhGACFHwMgvuapwrwFhtnCEAFi9gKdCLCD9WWwSYseMpjJdilVqJRmUxMdqAqsYgRVFJacTCiQefGGc3skrDNUBxUDJA0cjct13yaFy14zq3TQUnaxZzacubDHagYxz_QYUFNkycOHjgoXhpqORPAtbhQejYZotDlC9_-km4tXkEUsWbDa30nBdP6LDjF6_VYIuqIZKXL-2eX1LG-2DyQqQGpA3ZVxMsgriPtfRrcWTnhoy92yMNf277SqZaACC8ffb9jr-DkgbOnfhXmvMQicTUmXdPPVdooi3Lv-VNx8vSYhIvSRfg0PF6lN1XrzqzDz5elO-ch-ochCKndJYs8iKqq06a9Vs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%...
  • https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%...
42 B
350 B
Image
General
Full URL
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25223f1d0f2a-9691-4c99-b548-1a41d6e7254c%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tdc=1
Protocol
H2
Server
35.83.79.238 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:21 GMT
server
nginx/1.18.0
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/GIF

Redirect headers

location
/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%25223f1d0f2a-9691-4c99-b548-1a41d6e7254c%2522%257D&title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tdc=1
date
Mon, 07 Feb 2022 11:44:20 GMT
server
nginx/1.18.0
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/GIF
/
a.clickcertain.com/px/cont/ Frame A65A
942 B
736 B
Document
General
Full URL
https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&cn=DE
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
311f5fc71e4f4edf36d5f78185a5548031fe7c9e75b820fe1d47073f38d38a1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Feb 2022 11:44:20 GMT
content-type
text/html
etag
W/"ZTVlYzFiMTNnOGEwOGc0ZDc2ZzlmOWJnYzY4NWQ3MDZkNWFhLXow"
x-frontend
cc-nginx-746688cd7c-69hj6:cc-nginx-746688cd7c-69hj6
x-requestid
3aaf64bc-977b-95ea-9ebc-6ed823f80d13
x-envoy-upstream-service-time
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2F8YEmTERgasSjYmEOBIyhYCOOfltAjlFjxUVLix%2BUxOo6KSZEqRmN5nqoAluNgR6iLHg%2FmvlyJ3J3i3k0khZM5HfWO8coLdNv5yx8nvUcMNCEf0IyqFIHGXygLr29f73UHX7aEvZoF%2BslgBfs6%2BHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d9c5da08df65a1f-MXP
content-encoding
br
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=78db95a1-ee65-d4c3-776f-a5b472b883c9&tv=%7Bc:3xcLCf,time:227,type:e,im:%7Bimprf:%7Bttecl:329,ecd:36,tsecr:3%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:227,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:108,wc:0.0.1600.1200,ac:180.105.1240.5906,am:a,cc:0.0.1600.6943,piv:19,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B143~1%5D,as:%5B143~1240.5906%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sWKPokI+1*.931153%7C111%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i%7C1j1%7C1k%7C1l%7C1m%7C1n1%7C1o11%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.88.222 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
a.clickcertain.com/px/ta/ Frame A65A
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=bc0bacfb-6d54-4a4a-9296-0c505d503219
0
359 B
Image
General
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=bc0bacfb-6d54-4a4a-9296-0c505d503219
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&cn=DE
Protocol
H2
Server
2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:21 GMT
x-frontend
cc-nginx-746688cd7c-gl5g9:cc-nginx-746688cd7c-gl5g9
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
c48d42ab-e212-90e0-8aa5-8518aacf96a1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4sTKD5KYlhl2VCx7AlicYQrivkoiWoGW8p1uR6YSLV9mhg2%2BAQyYpxNasNR18NK3V5fZAZzOacTihjFG9Q7kkCj5rC%2FTNYs6NzO%2Fg4HaKpoUYIfORa4cY6IbdI5GbU34zzjfs7PLcvhalFyQTbiEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
19
cf-ray
6d9c5da2aca65a1f-MXP

Redirect headers

location
https://a.clickcertain.com/px/ta/?done=true&ta_id=bc0bacfb-6d54-4a4a-9296-0c505d503219
date
Mon, 07 Feb 2022 11:44:20 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
a.clickcertain.com/px/img/bidswitch/ Frame A65A
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%2...
  • https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3De5ec1b13%2D8a08%2D4d7...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&anx_uId=$UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&anx_uId=3872572469226267977
0
0

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=78db95a1-ee65-d4c3-776f-a5b472b883c9&tv=%7Bc:3xcLFG,pingTime:-10,time:440,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644234260772%7C%7C9d75b270dd8c21e1e4f8c9ea0fda5b69%7C%7C8866308252d63f9bf74b74e606896148%7C%7C86cdc17ff0d5dab6e2a493abf4816fb9%7C%7C557a39f4cd558fc47826955ecd57f6f7%7C%7C2701f90e13e0d0ddc60e6db273208819%7C%7Cbc6300281f0f2b657fa1106817ffc827%7C%7C710fcb9b0fa1535280586fa80b3c951d%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.88.222 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 11:44:20 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
checksum
api.dable.io/items/services/ntd.com/id/627894/
97 B
276 B
Script
General
Full URL
https://api.dable.io/items/services/ntd.com/id/627894/checksum?callback=dbljson6
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
53ba7ed6026a9f37ae7e7f3709054ea8e49a44ed7fefd47e963b6d36a97a0593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.0
etag
W/"61-M3iXe34Z+8l4fVoa1HhCstPKFQU"
content-type
text/javascript; charset=utf-8
update
api.dable.io/items/services/ntd.com/id/627894/
65 B
212 B
Script
General
Full URL
https://api.dable.io/items/services/ntd.com/id/627894/update?title=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying&image_url=https%3A%2F%2Fimg.ntd.com%2Fassets%2Fuploads%2Fexternal%2F2021%2F06%2FNew-York-City-subway-.jpg&price=&author=The%20Associated%20Press&currency=&sale_price=&sale_currency=&category1=China&category2=&category3=&custom1=&custom2=&custom3=&custom4=&custom5=&published_time=2021-06-15T10%3A58%3A55-04%3A00&url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&description=RICHMOND%2C%20Va.%E2%80%94A%20cyberespionage%20campaign%20blamed%20on%20China%20was%20more%20sweeping%20than%20previously%20known%2C%20wit&body_length=6622&callback=dbljson7
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.34.87.37 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-34-87-37.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
0ea64fe6b27a6e0382c699ee66e7c613fff45014e70ae469b8b15eaca7dffaee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 11:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.0
content-type
text/javascript; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.clickcertain.com
URL
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=e5ec1b13-8a08-4d76-9f9b-c685d706d5aa&anx_uId=3872572469226267977

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 function| pbjsChunk object| pbjs object| _pbjsGlobals boolean| apstagLOADED object| apstag string| ntd_primary_category string| ntd_user_id string| ntd_cat_ids string| ntd_term_ids string| ntd_all_term_ids string| ntd_cat_names string| ntd_ads_term_ids string| ntd_post_id string| ntd_author_nicename string| ntd_author_name string| ntd_primary_category_name string| ntd_tags string| ntd_tags_slugs string| ntd_publish_date string| ntd_last_updated_date string| ntd_word_count string| ntd_page_type string| ntd_tag_manager object| settings_obj object| dataLayer string| ntd_ga_id string| ntd_domain string| url_path undefined| arr_path string| GoogleAnalyticsObject function| ga function| twq function| $ function| jQuery object| pending_sections number| section_threshold number| infinity_ad_count number| right_column_ad_count undefined| ymkToken object| userGEO object| PipaUser function| check_sections_on_scroll function| add_lazy_load_section boolean| didScroll function| ntd_back_to_top function| epochGUID function| sortJSON function| play_livetv function| getUrlParameters function| init_pipa_paywall function| remark_panel_init function| ntd_ymk_userID function| ntd_get_share_counts function| ntd_set_share_counts function| ntd_get_email_list function| ntd_newsletter_subscription function| getUserGEO function| ntd_signup_newsletter_subscription object| ep object| jQuery111307468358928226049 object| google_tag_manager object| _comscore object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twttr function| udm_ object| ns_p object| COMSCORE object| regeneratorRuntime object| MicroModal function| expired object| epSubs number| PREBID_TIMEOUT object| ads boolean| ntd_no_ads object| ads_term_ids function| getRootDomain object| aps_slots function| display_ads function| fetchHeaderBids function| insert_ads_div function| display_infinite_ads function| display_right_column_ads function| get_ads_wrapper function| ednBidders function| ixbid object| googletag object| advBidxc object| slots function| referral function| setCookie function| getCookie function| dable object| cbJsonP function| cb_window_logger function| Chargebee object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __SENTRY__ object| recaptcha object| closure_lm_352687 object| remark_config function| dbljson1 object| REMARK object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| ntd_tv_1x1 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| jsapi_ object| JsAPI function| dbljson2 function| dbljson3 object| __statmedia object| U function| StatMedia object| statmedia49639 object| 4lyngcuguqm object| closure_lm_800468 object| geq string| cookieStoreData string| persistentUser undefined| firstpg undefined| dynamicPixel object| GoogleGcLKhOms function| dbljson4 function| dbljson5 function| __IntegralASDiagnosticCall object| __IntegralASConfig function| mainScriptAppender object| __IASScope boolean| isDomless object| __IASOmidVerificationClient object| __IntegralASExec object| google_image_requests function| _0x2400c1 function| GeAnalytics function| _0x5117 boolean| geqpreprun function| run_ge function| _0x229f object| _geq function| _add_ctag object| body

56 Cookies

Domain/Path Name / Value
tnews.to/ Name: prli_click_3555
Value: china-cyber-spying-us
tnews.to/ Name: prli_visitor
Value: 6201060d7b1fc
.ntd.com/ Name: _ga
Value: GA1.2.1209118702.1644234255
.ntd.com/ Name: _gid
Value: GA1.2.1711601172.1644234255
.ntd.com/ Name: _gat
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1FA769b1edc5b9f05c829291644234255
.t.co/ Name: muc_ads
Value: 5c0871a6-5831-4fb6-bba6-01e3085dc79f
www.ntd.com/ Name: epoch_gdpr_userid
Value: 5e2922d8-49bf-aa7a-1dba-b5a4c084f372
.ntd.com/ Name: ntdViewCount_fb
Value: 2
.twitter.com/ Name: personalization_id
Value: "v1_qW8LTqT+grTXUy8QcYe1AQ=="
www.ntd.com/ Name: mnet_session_depth
Value: 1%7C1644234255398
.mixi.media/ Name: _sm_uid
Value: b4850e9e-08dc-4ef6-9688-fdf86e2b3ad1
.mixi.media/ Name: _sm_udt
Value: 1644234255814
.mixi.media/ Name: _sm_sid
Value: b601b5e7-f772-4228-a125-ecadb94f8106
.gumgum.com/ Name: cs
Value: true
.adnxs.com/ Name: icu
Value: ChgI159BEAoYASABKAEwj4yEkAY4AUABSAEQj4yEkAYYAA..
.ntd.com/ Name: __gads
Value: ID=8efcf3f54232ee53:T=1644234255:S=ALNI_MY-shJ-fqPY_BnOu06fDw2nHCVLrg
.adnxs.com/ Name: uuid2
Value: 3872572469226267977
.rubiconproject.com/ Name: khaos
Value: KZCMMFI1-V-L71C
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoLfqVGnDNTMf+oE/PhLWQEKtLvkckcz9t2wHsFnqwQFNTeAtwJWh9N256dQHZRyj1o2B05UvZjLyq7UpNBJB/lsqlSNZOaaDQ=
.mixi.media/ Name: nid
Value: ads5-3ssel30
.dable.io/ Name: uid
Value: 69007821.1644234255980
.dable.io/ Name: _skp
Value: 1
.dable.io/ Name: _gg_ck_match
Value: 1
.www.ntd.com/ Name: dable_uid
Value: 69007821.1644234255980
.stat.media/ Name: _sm_uid
Value: b4850e9e-08dc-4ef6-9688-fdf86e2b3ad1
.stat.media/ Name: _sm_udt
Value: 1644234255814
.stat.media/ Name: _sm_sid
Value: b601b5e7-f772-4228-a125-ecadb94f8106
.stat.media/ Name: _sm_cm
Value: 32
.doubleclick.net/ Name: IDE
Value: AHWqTUldjq7hP40U4wDDz6ZZb51NEkk0n2s8ZH3WVabk6EuAKcjRGTlkCyxu5Lz9Wu0
.ad.daum.net/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220207%22%2C%22u%22%3A%2269007821.1644234255980%22%7D%7D
.ds.kakao.com/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220207%22%2C%22u%22%3A%2269007821.1644234255980%22%7D%7D
.casalemedia.com/ Name: CMPS
Value: 3238
.casalemedia.com/ Name: CMST
Value: YgEGEmIBBhIA
.mathtag.com/ Name: uuid
Value: 476b6201-0612-4200-8acf-07bdc7c9b032
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDQxNTYxs7Q0NxLiM9SNCAoyi0o1dEotKk-W4jU0MzExMjYxMrUwMTYFAH5R5WQ0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDQxNTYxs7Q0NxLiM9SNCAoyi0o1dEotKk8GABNMHZklAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJiZGxiZGphYmwKAH8pPY4QAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgEGEgAEXRFMCgAy
.turn.com/ Name: uid
Value: 7921785846982813187
.yahoo.com/ Name: A3
Value: d=AQABBBIGAWICEAvRT3IQQK9QNICTruBsDbIFEgEBAQFXAmIKYgAAAAAA_eMAAA&S=AQAAArWxXWIOaPBt7OcvIfeOsDY
.casalemedia.com/ Name: CMID
Value: YgEGEnUTT6Mn9KT7ypwHJAAA
.casalemedia.com/ Name: CMPRO
Value: 1113
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 1e5e9980ec78f251edad13afc55147d9
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEw1TbW0tDBITTa3SDMyNUxNSUwxNE5MSzY1NTQxT7FkAIIkRjYhEA0FAE0oCZo%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIYmQTAlJQAAAGiQB8"
.eqads.com/ Name: EQUser
Value: UID=f7ae8aa5-dcae-4fde-806c-e049f14c94fa
.casalemedia.com/ Name: CMRUM3
Value: 27620106120b40&416201061205a0&b06201061205a00&2d620106122760CAESECbgSJfEwrZcqk-AD5DlixA&c3620106122760av-f8863e60-15c9-43a8-823f-c2ca9a42107a&28620106122760f7ae8aa5-dcae-4fde-806c-e049f14c94fa&f16201061205a0&1a6201061205a0&e6620106122760
.media.net/ Name: visitor-id
Value: 2872358597578893000V10
a.clickcertain.com/ Name: _ccpx_u
Value: e5ec1b13%2d8a08%2d4d76%2d9f9b%2dc685d706d5aa
www.ntd.com/ Name: _geuid
Value: 3f1d0f2a-9691-4c99-b548-1a41d6e7254c
www.ntd.com/ Name: _gepi
Value: true
www.ntd.com/ Name: _geps
Value: true
a.clickcertain.com/ Name: _ccpx
Value: 2455d1796b86efb
a.clickcertain.com/ Name: _ccpx_2455d1796b86efb
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://comment.youmaker.com/api/v1/user?site=www.ntd.com
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
acdn.adnxs.com
act.ds.kakao.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.dable.io
ajax.googleapis.com
analytics.ad.daum.net
analytics.twitter.com
api.dable.io
b8cfce07ceebccf136880fa713960b80.safeframe.googlesyndication.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.districtm.io
cm.g.doubleclick.net
comment.youmaker.com
contextual.media.net
dmp.brand-display.com
dmx.districtm.io
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gu.dyntrk.com
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
images.dable.io
img.ntd.com
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
match.deepintent.com
mixi.media
nep.advangelists.com
p.alocdn.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.adnxs.com
r-log.dable.io
rtb.adentifi.com
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stat.media
static.ads-twitter.com
static.adsafeprotected.com
static.dable.io
static.mixi.media
static4.mixi.media
static7.mixi.media
static8.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync-tm.everesttech.net
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
sync.taboola.com
t.co
target.mixi.media
tnews.to
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um2.eqads.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
xch.media.net
a.clickcertain.com
104.121.183.2
104.16.190.66
104.244.42.195
104.244.42.69
121.53.104.194
13.32.99.105
136.243.66.182
141.226.228.48
142.250.185.98
15.197.193.217
151.101.65.108
151.101.66.49
151.139.128.11
169.197.150.7
172.217.16.130
178.162.133.149
18.156.0.31
18.66.139.65
184.30.24.22
185.162.95.67
185.183.112.148
185.29.134.244
193.0.160.128
198.47.127.19
199.232.136.157
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
209.54.176.128
23.37.38.181
23.37.42.132
2600:9000:223f:1e00:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:20::681a:27a
2606:4700:20::681a:932
2606:4700:3034::ac43:c7b9
2a00:1288:80:800::7001
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:fa8:8806:20::2040
2a05:d018:d29:3601:58ff:414:f08:16d6
3.34.87.37
3.39.1.125
34.107.136.65
34.120.33.89
34.120.97.157
34.230.197.238
35.171.214.154
35.227.248.159
35.244.159.8
35.244.174.68
35.244.243.66
35.83.79.238
37.157.6.247
37.252.161.190
37.252.172.37
44.239.88.222
51.178.20.140
52.18.126.50
52.222.210.175
52.28.203.152
52.30.140.199
52.79.156.248
52.92.132.72
54.174.249.39
54.71.47.92
54.72.144.172
66.155.71.150
69.173.144.138
69.173.144.165
03116ee27ab79f09ced28de3396fe9524bc37349c0ec714b1f6f25396da6ffd4
03635179a65ac9e36a14b4ac3185fd66541a7d3d384df6d556f32898463459b5
0380a6cf718d40d01a3debff69dd0f25a3a1b52405d18d1e9c2797c3ee992005
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
080002e98e845ca1703693ce57c6a28074f674975988e80a19778f404cc3ed0c
0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0d4b7aa8961f20fa4556054ded140086424a580511130f5283193d6b2a5d58
0dceae772a3b82f7d0f9538b3b62db0f77bc29029f5e1a333234b9c5492e4c27
0ea64fe6b27a6e0382c699ee66e7c613fff45014e70ae469b8b15eaca7dffaee
0eaa98d99ffd85f27787798b06fb8b7b62a5c25710e7dc3868fcf893044110d3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5ee76e8e84f53437640951b86b504858c4dc659fe3379caf1ef0cba8ca1f9e
0f94c612cee9b08a6141930dc126e3bb7c1bd48668f36400ab46e9a2df8e1adc
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
13160f1ceb7467feed0eb33c0b4d0862d3a6b7150826c0123a56ee7bb314439e
152c06e339a025554dfe945af5493c7f5fdc1216e18676f1eff31f9186b16c41
159f8542ae9d703b82867b64c59c12cac589e43d87be967fccb2f25a45aa70b0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c7727afe191ec41c010c4a6c4945d3fd6f842f7b00b958158ea4d008d7db4d7
1d8e36dc714344939ac5725a1586e9be7f5f4bfd8a039bd599459c916ad1a075
1ef43faf66864fd2b60c15b7b0d27e7592f552fba98c1d36d94f25290c8306f8
20b33eb0d3404a30fd13269c9b6b3cb6a1a91668a4e284dd9e1b3ec78ca7d479
2175730887f2860b1352661d0c04d24ca087d75a4423be44aad5012344c9e70c
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24debe1a54d5c3e03a19488a253b5019df02e8123774a2741ab89135cf99427e
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
293f6aea889315c3ac6dd127772caa290e726dc27efefcba10b64404794645db
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
2b8fe2700dd46b01fb40571c333cb21e7c7a576e556b86709445a5d1d77c0dc1
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
2c7aa71aef29ba71b7ecd353df3c9f5a6eca5f47c7683649ee286ba4d2b09482
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
2e7af9d06c2f1d015d55605ba6c6e4bf8cfa39ea69f1ccbef54c271cc2bdda06
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
308634b67167450e9688918820cbd4716a946a9717c122068511c2befbfd845b
3096cb32b815f75b5cb141ef42f728dab651a7f3c8651cfab1197b58af5eb7a3
30af84a5bfec24b73596e78d878cb6ad3da8e439ed2d685e6c5295e916dd1a9a
311f5fc71e4f4edf36d5f78185a5548031fe7c9e75b820fe1d47073f38d38a1b
32af3a7a61d88952992e4ec14ff0069f3a267cdc39ccd58d6353987333e24d13
360e0dac9b9b6febaf0f3f25407d9ae5c470ca9582778199937f875e8cad96c7
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
3924908b6d97a6b9437e034070df379b5c9b467294593ceb60f318bbf7cdd0a5
3a8a636a11159f8a3c94c13ebdc4cbbb88bd50eeb382c06347a2e68ecdf8c825
3b6a9f90ec8304834f717de38bd2d8721a7b602d9557ee81593a8059ee39698e
3c244c8c754aa51349f3c40e4d41fb2f46fe4c031c0c043a47b756be035d2683
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7c7f44f352412dfe410ed062512b6afa9be455a986e0f403c37eae98035eb4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed442f7d271bdc1d8c1d26178c019e596adfb4e7314187e2c6f066ee53ec19a
3ef3a8cdf36d880bc20ec83b993830b18b73d38f1935ab45817c2bfa592edf1b
3f68f0fe85088413ca07fb4bcfa54fd66513d9bd41e63492a8323241ae2fa8d0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412d646ba3b0ee994bef05d1b0f59ac451bb000c57ef43512a58017757ca30cd
4149ef1ef6f657a719b2617bc5c6a382f79b0286a7ed024299ab99227420efae
42fd4ebe7b47c3c1d511651a1736dfe2e11feade6289bf08bae08d20ef020d1d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454a5dfc464806755d550d689f5202cf1ab09e7011626b601266406568932f58
45aef68f5facfecb15d4aa6538b7183c7c69d0de79e0d809e3cdcdf3264830ff
470f1c700ca37f6b6d6de58ec9e24f37ab78bc70a7b2ec5c6773c7c1e77e4e0d
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ef1501b7fe904a40d1619b72c95314823eb0b51938fe8ec17d8c53a8d01942
4a7c0ba4d25a7ee64f06dbfc029c97310af5293d17ae5d8498bb6ef240401942
4a8f8569f636a4bfd59514235cf7de1ce2c0e9c21552fa82910fa901f903d619
4b546a286a64da49d5a38cee327effa6244635c2d2d9482043329d2c20258236
4ba0b86c4c223c8cfcbdb4d002d9167fd346d6b07850fccd9e9585222ca8f9a3
4bd02b94a55550e833f076c27194f78a57ada33f4ad7a59fb374a4187e578c3d
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5042595a2d2c9196cfbcc9f9e3611954ae63f057b716cfa21c5236e93ae0c31c
5097fadb367f2e2d6a99625873680af8e42659a79b6b1d4172714958c72d32f6
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80
531037e7efad83472ad4834ca7d98bab1c30811387dac7057704bfbefa1d1dd8
53ba7ed6026a9f37ae7e7f3709054ea8e49a44ed7fefd47e963b6d36a97a0593
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a4c618ffded08a9f7158c3feb92caf7ab70bc26a6bc2daecdffc2b62bd989eb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b742cf2a72cd7f6fdcf26a9033e40e4821971718b760707df2b3a849e043e42
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e065314dbd2465ec4f03c74a0ff6e9f7b424c47dd445a987379aeab6f935159
60a78808ae669ae826595c348c5c5efa5f014270c0493a16a69fcc9f1bb42af5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643b4013da9a0054325e343c214811faac727760a2c68f4f8472afb4ea5c9456
654d20411dda7f4c4ae35fa468aed9ac3c35e7d38b20f8a0c2b2793534f562ea
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958
66bff685c5ac329bd9768d834ded3c86fae15554121d71107c1a9f6dd3aab013
66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad
66e873224f8f45d8352d754911e3ab1220145e5d8a89b52338dba1fbb61f64bf
67a713f396bba7b6030f985556be693da6012961ee9916d05b1f944a0dbc8c91
698cfa225a7014d76ce2a7421b817930a90ad52644b2b99c45b2a4ae5031ce71
6acab0f87e2f888a567b5b0bf1f8107bdf161ec57460aa9f11bc356f66827ee9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
6e88237108127024092b10e93eb3e08ef39c2b9f293339f84b0640a746f37ac0
70385f98221f89859dbfe0cc01afa83c0391fcfb7abd14d78bef1027155d7b7b
70c14677599ca76ad45be8541dd9456785bd7f3ad42a5f5d6ae59b933bf97d88
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
718bf807ae285094008b869c0051c907807b7efd521e4bbc1403a6f257176f55
7304a8b44027d55051ff16666fa5d9b371b0aaf7ea5136de52d18f00e40cc6e3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745f201ee42ee6da4a8f1d7ada0038bc34fb8fbfda4253646927b1c7063f35d7
77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
796cce50bea3a8e6ee1b158a9da215b343f40971b73e32a3b78ccdd1586fe407
7a9574f0a20712b7afcd8a0e9c93cab58d203bdb074d20d0e536f8271203628a
7b85a7e045a0d21f773407d472f66223e8050551b824a111cd2e44059687b244
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
802f47a6ea21a6e981659bcfaeac8c1c15ecb20c8309f371af15014aa03484e6
81929796467a0d3d726d15f58cb4ad6cc94ddb5ef140c4c2d149485086aea11b
82e7e112196b47b736d1ed3560023d20b862c1002b62b091f9db1918499ec431
8470e402e199aa8900f6790a3f009342fa473487270699025d9ffc03eb681a47
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86241bf2c28287a901325479e6e81fc705d5f172eee72ec3a6689e89b356b65f
86e734a9cf822d2d5e69caa0567b1ce0dbba0b5d661ee0f07a8fda66352ec0da
873483f78bbcb7234d8d4522a3c208cd8e81e2348821fa94cb928175bd6e6f82
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
886b967e4cf2b3fe8cbaacdb09cfcc77322ac16523adb971c1fef623f25d29c0
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a706f7f15a01951042ac975de625cbb92c53ce143a358e1f3e611c6b4dd3f0d
8adab28592121bbe412b003fbf07cc59e1af4a40645b1c01d2854cc0efa5ab68
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b622ac31b659e965866e554d239ba5b9e36ba09438ed7703e659c7d58794b57
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
8c087acd7cd5e1f1141c4e0c7ff98270a46139ea2f49dd34e836fa966fc548d5
8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9e8b7c1ffebd10c1d6836f58503cc2386531d674a13ff3963cd39d54d07f62
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0
923437ddf3b7fcea8bad61d253608c8407bdc14a9f1fc68f778c14f521cd94f3
95e205cee7c177e1f03ee46669ec7dc321f65911ca62b5e7adcb56f2fbd01f5e
9bcbdab206f332717a183b0f4cfe9b02eb81364800a984e75137403be1aeacfb
9c08144ee62cd26891dec178bf9666e47b0a49c5eaea2bd034ab9cef63a4ecc5
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f
9cc3f35106b58879608b2eee4905c8a037005ba9c0b12bcd6ac2810e155f81e8
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a35f0d2c403e7f02e18e8c2acffa612aa3c8c5575141a3fc922b99a10fa5f5ba
a439b42852f9a1838bdd482fc7380de5fed31d8e20b44d72043c9d130d99548e
a456949cc8478c23d5131d81356621109b0126e348f2ccdf8bfec8da18159390
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6464fc0eb6b5fce0e5d8204f40d49c35defad5b7e4a9a9da9f7a1f29234d5e3
a66b1f3d4520e0e4f2ebc3d174dc671ba39a8804be3e424b4ac20190da04188f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aad2d63ef62494907810c6a1a3a47e827e3c0a4babce855cadf0fc16cf397a9a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad657365ba0a357b3f4447b0025a575fe4bc2224c1a28023718b0b664b0f2340
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b1b5b92a27b72c199eae1c4aec2166e846b066cb00a78928b3462691e1a5cd90
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8
b41b716dbb084bf1e42c373b203a4b905bfa96033a04e689bb8a3f522741d26e
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95
b5eb9e6f6480c3e8e905dda2fd406dbe4b9675fe72a810a1d6f060ff1c458b3e
b70d79c801f56d461c359b7473fff15431e96e097b460522081df050ce10a7fc
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
ba9b9c688a1e322afebe9cf3fca3552e1c55eb7dfebe21425165f582eabb6c6a
bd66e849a6201185b6d84b2b33c829983b230044446896091bf9df9408ff3a65
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29c7af25062b94589535b92bf6a5868b7bad028d5a6494971f38bc530632cdf
c454e9ab422a8d322d36521d9a675279c9b2dcf9e69190afa80a214a071a943e
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
ca90156622aa2af348b092e80521b641f617915db86e5593b922d80964fe5678
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd50e251c4824bcebbc68e52ab04aa82e679a28547a700fd79a67002c2bfc2a1
cde25c459bc5c4263e9646091fd5d4498f2f3a469a72154d8754da5a0752679b
d236e1af7b71e2ccd2d2fab9d9ba66893d95c884663688306742f8934aec7594
d24504fb8d7f46fc501b9cedb1d586b385e547c266b2ed61567c6e69ff28e5cb
d2e437d4177a545dad9b06a4b34db2b121bbfb5857b4eaee9bf6a153059d5b0d
d3114771bd5812addc4f5c3a0a87dfe4fbe46a1c3e31db10efd2c870b9bee84c
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d5b962a89400afef0e9d4b411bbbd3059094911a9762cd48a26ec82cad9fe11e
d63292fd95a28ebf1fb0c272b04f7ee06089b90afe614d21248a0c4d79f66358
d851e97738ee9708f3fa4e8ab502d22397b4fd26c479b70dc9026a864fc5dde2
d97e593468a02272d5c689b72d2e57188aa87710994719831d85431398d6ea57
da8976f9ac374141f41467d237ed94f996068f2585aa9aa60c65fa0a8bfa5258
dc7898fa6a43df915b8a9a65e1661b22556fd817fdfd6c5ad3e4f8f574291ea1
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0db7a8f644f3f6e06af34dfeb3b95643ef01c3f518ea7747880666d74ec0157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ad6c73c2a11052e7738f4fc5a8d251ec2d01b4555e19dc055b23b4f4972fee
e5c84306a20595cebdff3ea7a585d9a3541aa3c5c6be2aba085adfda3ce94008
ea67c45533f8704925d64b675a3794cb9ac2d620e7ee3519e50b4be24fbbe9c7
eae614eff5fc87bc2bf2a1aed2582edc4e1e3420b462ba5a6e436801df5053dd
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed265743d7728bce6c7452d3c32e7adb6e82c7c6b22035430273502ad02179b8
ed928a8b3313a0bbbcfbaeab4b0fe4c74348fd41f10a61e997f9632b30e14248
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef062d429e4a0730a94dace80481edf59295aec2928a516ebe60a01bd265cd93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21
f15754188217f5ea5d92a8d0ffc19a947ba87557dc5d48c6652b64c01d8fb0f6
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f674ed5954b8252a6bf1f981be7b0ce88437e032d19781418034dddd809cc531
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6d1fc7b1a4aecf3d0df6a9ce5333a65433c37d15d2f920926855150fdd0b563
f94c55b68b702413e7fd7da527f6a082cf06bedf7e6e6a429bff580f741a781e
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5
ffd47fa40f9ce5e79231fa360173251e30ba92a9008a7ecd7c1a507aac4194f3