www.ntd.com Open in urlscan Pro
2606:4700::6812:181e  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131

• https://rp.liadm.com/j?dtstmp=1714019258997&se=e30&duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&tv=v2.14.3&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&wpn=lc-bundle&cd=.ntd.com HTTP 302
• https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&cd=.ntd.com&dtstmp=1714019258997&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjQ%3D

Request Chain 132

• https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html HTTP 302
• https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html HTTP 302
• https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=a52ff52b-2366-4b5b-afb3-37fd28044cd8

Request Chain 137

• https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522d7f489b3-49b4-4f73-8032-e52b50d93090%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html HTTP 302
• https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522d7f489b3-49b4-4f73-8032-e52b50d93090%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&tdc=1

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Show response www.ntd.com/	114 KB 18 KB	716ms 654ms	Document text/html	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 6a914598433c8ef6b656faa9128a53d2931de6562b692ea6e7970935d1d06181 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control public, max-age=14400 cf-cache-status EXPIRED cf-ray 879b94e01f7a190d-FRA content-encoding gzip content-type text/html; charset=utf-8 date Thu, 25 Apr 2024 04:27:36 GMT expires Thu, 25 Apr 2024 08:27:36 GMT server cloudflare strict-transport-security max-age=63072000 vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-nextjs-cache STALE x-powered-by Next.js x-xss-protection 1; mode=block
GET H2	200	template.css subs.epochbase.com/lib/	4 KB 1 KB	98ms 27ms	Stylesheet text/css	34.107.251.162 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://subs.epochbase.com/lib/template.css Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 162.251.107.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash ea660872abe29e5e806c4e1e55aaa1d46af42c50dace4c5d777a49336e95ad8c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip via 1.1 google last-modified Thu, 11 Apr 2024 21:45:11 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1243 expires Thu, 25 Apr 2024 05:27:37 GMT
GET H2	200	5b3770bb17262013.css www.ntd.com/_next/static/css/	169 KB 48 KB	35ms 33ms	Stylesheet text/css	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/5b3770bb17262013.css Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4a0f91fa734ea57f7c46966f194324bbf3fefd28795f3cd6d78d42757375352 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 502 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"2a284-18f06f03a8a" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e44abd190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	5bb473991d248c54.css www.ntd.com/_next/static/css/	23 KB 5 KB	33ms 32ms	Stylesheet text/css	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/5bb473991d248c54.css Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 502 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"5cf7-18f06f03a8c" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e44abe190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	bd55f7ebf438005c.css www.ntd.com/_next/static/css/	15 KB 3 KB	33ms 33ms	Stylesheet text/css	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/css/bd55f7ebf438005c.css Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c2e505569e02b7a8699f78666cec1a206a36562db1839697e1805b1f9647eb4 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 502 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"3db9-18f06f03a92" x-frame-options DENY vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e44ac1190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	30418f44-0997a245180a218e.js Show response www.ntd.com/_next/static/chunks/	681 KB 186 KB	36ms 30ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 875eee8bd1d0816a0d63463af19a88b6f69a84fc630faa49757e035af6d71a92 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 502 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"aa25e-18f06f03a92" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47ae3190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	8885.abe6fb05b0358dee.js Show response www.ntd.com/_next/static/chunks/	33 KB 11 KB	58ms 53ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/8885.abe6fb05b0358dee.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d5540c07fcd7d27e130e06f3be12ea9097cb1dcde7cd05e7c8ea57775d767d8 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 502 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"8228-18f06f03a94" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47ae5190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	9073-099e1e0d3ca6f27f.js Show response www.ntd.com/_next/static/chunks/	9 KB 3 KB	61ms 56ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/9073-099e1e0d3ca6f27f.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fda6bfcdabf466be34c4e7c123caaae3b211f194f9a9c064b7e185b07d06ea8 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 502 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"249b-18f06f03a95" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47ae6190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	663.13caf7bc3420db42.js Show response www.ntd.com/_next/static/chunks/	9 KB 4 KB	58ms 54ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/663.13caf7bc3420db42.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 418bcc3b739d332ad22b8bf4ca45bc2d8b1fa67942ded5df9fe870f7a464c220 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"25dd-18f06f03a95" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47ae7190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	563.578a855b9a58060d.js Show response www.ntd.com/_next/static/chunks/	13 KB 5 KB	60ms 56ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/563.578a855b9a58060d.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f045147294b6fad770f56976327f18c9f9b380d5bf936f8696ad2c2ce0a3b54f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"34fe-18f06f03a91" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47ae8190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	webpack-e878e7075682c52b.js Show response www.ntd.com/_next/static/chunks/	6 KB 3 KB	59ms 54ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/webpack-e878e7075682c52b.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8fbed36ec09a3afde26bdcd8f5fe291d812b40413a982ce932995398dfec25d Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"191d-18f06f03a8f" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47ae9190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	framework-79bce4a3a540b080.js Show response www.ntd.com/_next/static/chunks/	127 KB 41 KB	59ms 55ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"1fbd2-18f06f03a92" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47aea190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	main-9f9ad50cce646180.js Show response www.ntd.com/_next/static/chunks/	116 KB 34 KB	58ms 54ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"1ce12-18f06f03a8a" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47aeb190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	_app-085facb3c1303022.js Show response www.ntd.com/_next/static/chunks/pages/	316 KB 96 KB	59ms 55ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 191d663db4906dfa050f500caa2e926691f3c575464ad7f19877026ca63677b1 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"4f0e1-18f06f03a8a" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47aee190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	2373-7460ee92f1267c41.js Show response www.ntd.com/_next/static/chunks/	116 KB 41 KB	59ms 55ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/2373-7460ee92f1267c41.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"1d099-18f06f03a92" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e47aef190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	8500-8f8f605135b4748a.js Show response www.ntd.com/_next/static/chunks/	28 KB 7 KB	61ms 57ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/8500-8f8f605135b4748a.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 777bd3de92ddd431cce2afd34592672aefcc696b0581df5650f64b1f0d38fd82 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"6fa8-18f06f03a93" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b0b190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	2962-a4df57f83cf7a4f7.js Show response www.ntd.com/_next/static/chunks/	17 KB 5 KB	62ms 58ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"4442-18f06f03a93" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b0d190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	8053-9d577285033187ae.js Show response www.ntd.com/_next/static/chunks/	47 KB 15 KB	80ms 77ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/8053-9d577285033187ae.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c03146f11e108dc037ff141be3d48d235b7e4306d4ea48848889b3625f123cb0 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"badd-18f06f03a93" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b0e190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	2630-185dcba70eb4ab06.js Show response www.ntd.com/_next/static/chunks/	29 KB 6 KB	61ms 58ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/2630-185dcba70eb4ab06.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ee1238c140c95d522e8bf6922031841b6b9b4ea6257d0f25a55e8c740604f3e Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"7389-18f06f03a94" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b0f190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	1335-46aa3a92d659b0e3.js Show response www.ntd.com/_next/static/chunks/	105 KB 13 KB	79ms 76ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1335-46aa3a92d659b0e3.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 746883fa12129a420b027c36c73845fb593e55ee02688181de9bedd27c4cbbd4 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"1a271-18f06f03a94" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b10190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	6373-3dba0e9ae26ed922.js Show response www.ntd.com/_next/static/chunks/	14 KB 5 KB	79ms 76ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/6373-3dba0e9ae26ed922.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08f13571f6dc87c7bd3fe84904b36ca745f366469b8bd6644d9a8c2162e04458 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"36e1-18f06f03a94" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b11190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	39-d3c8328a79c055a7.js Show response www.ntd.com/_next/static/chunks/	9 KB 3 KB	60ms 57ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/39-d3c8328a79c055a7.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f15b1ca1a332524a10d7f92638492e49a1497c3b15e632376b65b2d2e9ec443 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"2482-18f06f03a94" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b12190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	9785-a2961c30555d0f19.js Show response www.ntd.com/_next/static/chunks/	9 KB 4 KB	79ms 77ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/9785-a2961c30555d0f19.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c447c3a5ce10293aac937c10c945119b33b34e9d07726e23ce3758e9fd66ffb9 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"25fa-18f06f03a95" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b15190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	1601-e16e404666ee2e1f.js Show response www.ntd.com/_next/static/chunks/	9 KB 2 KB	60ms 58ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/1601-e16e404666ee2e1f.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"22bf-18f06f03a95" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b17190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	%5Burl%5D-f42148dc2a151a2b.js Show response www.ntd.com/_next/static/chunks/pages/	19 KB 6 KB	60ms 58ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-f42148dc2a151a2b.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13beae7abf993835a827187c0420cf8042c5ed587ebe2e0fd9b4e0456306bb88 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"4aa0-18f06f03a8c" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b18190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	_buildManifest.js Show response www.ntd.com/_next/static/add46d3d9a0840b1dd66accb22ae321cc9443dc4/	4 KB 2 KB	77ms 76ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/add46d3d9a0840b1dd66accb22ae321cc9443dc4/_buildManifest.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9220236716aacf67b3a8665ff9bbd296cd87e6672f42977a0a7eacdfb22df1f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"115c-18f06f03a8a" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b1a190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	_ssgManifest.js Show response www.ntd.com/_next/static/add46d3d9a0840b1dd66accb22ae321cc9443dc4/	598 B 334 B	79ms 77ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/add46d3d9a0840b1dd66accb22ae321cc9443dc4/_ssgManifest.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:56 GMT server cloudflare etag W/"256-18f06f08231" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e49b1b190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H/1.1	200 OK	NTDLogo.svg i.ntd.com/assets/themes/ntd/images/	660 B 1 KB	277ms 35ms	Image image/svg+xml	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:37 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 660 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-294" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=29624683 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	78 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	79 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	nest_newsletter_cif.jpg i.ntd.com/assets/themes/ntd/images/	120 KB 120 KB	204ms 64ms	Image image/jpeg	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/nest_newsletter_cif.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:37 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 122419 Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-1de33" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=30549434 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Sun, 13 Apr 2025 18:24:51 GMT
GET H2	200	ENTD_Play.svg www.ntd.com/images/	2 KB 1 KB	503ms 495ms	Image image/svg+xml	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/ENTD_Play.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0af7a02c2b9ae0fde55e83700c8e6709122fb18adae5f1e6b0262732fb9e736f Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/_next/static/css/5bb473991d248c54.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare cf-cache-status MISS etag W/"7e6-18a84a34dab" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 879b94e50b64190d-FRA x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 08:27:37 GMT
GET H2	200	NTDLogo.svg www.ntd.com/images/	660 B 525 B	505ms 502ms	Image image/svg+xml	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/_next/static/css/5bb473991d248c54.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare content-encoding gzip etag W/"294-18a84a25feb" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 879b94e50b67190d-FRA x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 08:27:37 GMT
GET H2	200	footer-app-logo.png www.ntd.com/images/	73 KB 73 KB	654ms 651ms	Image image/png	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/footer-app-logo.png Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/_next/static/css/5bb473991d248c54.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS content-length 74494 x-xss-protection 1; mode=block last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare etag W/"122fe-18a84a34db2" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 879b94e50b68190d-FRA expires Thu, 25 Apr 2024 08:27:37 GMT
GET H2	200	NTD_BackToTop.svg www.ntd.com/images/	2 KB 920 B	501ms 498ms	Image image/svg+xml	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/NTD_BackToTop.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/_next/static/css/5bb473991d248c54.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare cf-cache-status MISS etag W/"7d6-18a84a34dac" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 879b94e50b69190d-FRA x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 08:27:37 GMT
GET DATA	200 OK	truncated /	23 KB 23 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7745e700cc600e8ad111cc9d752e7e5d888201979efeaba26155a49cb5865826 Request headers Referer Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	iframe_api Show response www.youtube.com/	1 KB 2 KB	108ms 40ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5ecf9b003ef58e29a1b982107a1e66c88f66cc8ab158c16fd135de2fefc25189 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-type text/javascript; charset=utf-8 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} cache-control private, max-age=0 origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Thu, 25 Apr 2024 04:27:37 GMT
GET H2	200	8735.d0b957bfa55e8687.js Show response www.ntd.com/_next/static/chunks/	44 KB 15 KB	30ms 30ms	Script application/javascript	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/webpack-e878e7075682c52b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 cf-cache-status HIT age 501 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 17:52:38 GMT server cloudflare etag W/"af73-18f06f03a92" x-frame-options DENY vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 cf-ray 879b94e65c48190d-FRA expires Fri, 25 Apr 2025 04:27:37 GMT
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 856 B	86ms 32ms	Script text/javascript	216.58.206.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=explicit Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-f42148dc2a151a2b.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f4.1e100.net Software GSE / Resource Hash d201cf8b7ff686b19cef2f3477defc4a9f49c472fd26bd0ca530059f3b656532 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 04:27:37 GMT
GET H/1.1	200	95162.js Show response mixi.media/data/js/	5 KB 2 KB	179ms 114ms	Script application/javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mixi.media/data/js/95162.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/563.578a855b9a58060d.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash ed893df420f5d8f129007b3bd750f433167a1b36f1643dbbcb74d3996f3fe412 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Thu, 25 Apr 2024 04:27:37 GMT Content-Encoding gzip Last-Modified Thursday, 25-Apr-2024 04:27:37 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive
GET H2	404	prebid.js www.ntd.com/js/	0 0	37ms 35ms	Script text/html	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/js/prebid.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status HIT content-encoding gzip age 13 x-powered-by Next.js x-nextjs-cache HIT x-xss-protection 1; mode=block server cloudflare x-frame-options DENY vary Accept-Encoding content-type text/html; charset=utf-8 cache-control public, max-age=14400 cf-ray 879b94e67c5e190d-FRA expires Thu, 25 Apr 2024 08:27:37 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	94 KB 30 KB	114ms 37ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e5d0d243b74a4e19022f860ca00edb9fcd5cb5b552f9616ccee9528f40c47fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30010 x-xss-protection 0 server cafe etag 427 / 19838 / 31083073 / config-hash: 9301319534479615066 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 25 Apr 2024 04:27:37 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 103 KB	123ms 65ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ced80ebbfc19bc1c3b621933f12f66755f284ea67ec9bd66d8abc64ad0ccb915 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 105514 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 04:27:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	127 KB 49 KB	92ms 34ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4ce51d129894430619cb2a97a86f8a67ca3db693a7710ad2419d5964cad84e04 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49969 x-xss-protection 0 last-modified Thu, 25 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 25 Apr 2024 04:27:37 GMT
GET		fb512588-5ffa-49f9-a94f-69ec8467ddab www.ntd.com/v1/api/video/metadata/	0 0
GET H2	200	fb512588-5ffa-49f9-a94f-69ec8467ddab Show response www.youmaker.com/v1/api/video/metadata/	5 KB 2 KB	339ms 263ms	XHR application/json	35.201.68.206 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www.youmaker.com/v1/api/video/metadata/fb512588-5ffa-49f9-a94f-69ec8467ddab Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 7f81902d568476be668cadacf554d324f526a5c57ece1904e5a535faa02ab615 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	subtitle Show response www1.youmaker.com/v1/api/video/	35 B 138 B	417ms 342ms	XHR application/json	35.201.68.206 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www1.youmaker.com/v1/api/video/subtitle?systemid=fb512588-5ffa-49f9-a94f-69ec8467ddab Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
GET DATA	200 OK	truncated /	3 KB 3 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 09cfa981c6ada894afd02cb819a9b44ae8b3c51ef9b31b159e56c9e0d560ec31 Request headers Referer Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
POST H2	200	counts Show response www.ntd.com/api/v1/	1 KB 199 B	556ms 556ms	Fetch application/json	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/39-d3c8328a79c055a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25e6a27b8d3382e61e851072072c0e6259d0ce458bc1714d76b4193ba520cb05 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 via 1.1 google cf-cache-status DYNAMIC x-xss-protection 1; mode=block pragma no-cache server cloudflare author EMG vary Accept-Encoding, Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com app-name remark access-control-allow-credentials true cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex cf-ray 879b94e6dcb3190d-FRA app-version 0.1.2
GET H2	200	count Show response sc.youmaker.com/reaction/share/	664 B 855 B	209ms 134ms	XHR application/json	34.120.97.157 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=980831,988393,988304,988443,988414,988479,988440,988474,988441,988444&token= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 157.97.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 2ef35dd6bd7b1ff0c1271291de3e85cdedcb08774d6f2fcf3b2370115b326cf7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 664
POST H2	200	getcounts Show response www.ntd.com/v1/api/video/	50 B 190 B	660ms 659ms	Fetch application/json	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/v1/api/video/getcounts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/663.13caf7bc3420db42.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fb8f699121425e2dbf1cd1c40db7a94325f6ce9c255c27b96b1de4918e4c857 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 25 Apr 2024 04:27:38 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000 content-encoding gzip server cloudflare cf-cache-status DYNAMIC vary Origin, Accept-Encoding x-frame-options DENY content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true cf-ray 879b94e6ecb7190d-FRA x-xss-protection 1; mode=block
GET		fb512588-5ffa-49f9-a94f-69ec8467ddab www.ntd.com/v1/api/video/metadata/	0 0
POST H2	200	counts Show response www.ntd.com/api/v1/	640 B 435 B	545ms 544ms	Fetch application/json	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/39-d3c8328a79c055a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b40b034ca0d042714ba0db74360204f0f8d43bf729b5656895db8f2bbac44430 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers expires Thu, 01 Jan 1970 00:00:00 UTC date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 via 1.1 google cf-cache-status DYNAMIC x-xss-protection 1; mode=block pragma no-cache server cloudflare author EMG vary Accept-Encoding, Origin x-frame-options DENY content-type application/json; charset=utf-8 access-control-allow-origin https://www.ntd.com app-name remark access-control-allow-credentials true cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 x-robots-tag noindex cf-ray 879b94e6ecb8190d-FRA app-version 0.1.2
GET H2	200	count Show response sc.youmaker.com/reaction/share/	409 B 465 B	220ms 147ms	XHR application/json	34.120.97.157 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=988117,987970,988059,987983,988138,988159&token= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 157.97.120.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash a9ced428f7c9c1ac9a12806e50ca342a1c22b796a606e6be6ac10af61a9f9d88 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 409
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	94 KB 30 KB	94ms 37ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f81a086d3ab6e6fa5027e7427da41a4893da6559891b2730ea27599688693f6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30043 x-xss-protection 0 server cafe etag 110 / 19838 / 31083041 / config-hash: 9301319534479615066 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 25 Apr 2024 04:27:37 GMT
GET H2	200	region Show response pwe.epochbase.com/api/	144 B 336 B	213ms 142ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/region?siteId=www.ntd.com Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 8ced24254bacc820ef171ce86b4c2417e9c7b8e17ebb79290a95b5974ab273c4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 144
GET		playlist.m3u8 vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/	0 0
GET H/1.1	200 OK	id905992-TiffanyMeier_WEB.jpg i.ntd.com/assets/uploads/2023/03/	274 KB 275 KB	55ms 54ms	Image image/jpeg	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2023/03/id905992-TiffanyMeier_WEB.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2f68e3166fdf867168ae06331fe0bc287bdc25a43d49e56b9f015b3b753d97b6 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:37 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 280346 Last-Modified Fri, 07 Apr 2023 19:44:04 GMT Server nginx ETag "64307284-4471a" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31536000 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Expires Fri, 25 Apr 2025 04:27:37 GMT
GET H2	200	share.svg www.ntd.com/images/	338 B 319 B	493ms 490ms	Image image/svg+xml	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/share.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:26:49 GMT server cloudflare content-encoding gzip etag W/"152-18a84a34db8" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 879b94e75d1d190d-FRA x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 08:27:37 GMT
GET H2	200	share_single.svg www.ntd.com/images/	388 B 336 B	494ms 491ms	Image image/svg+xml	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/images/share_single.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT strict-transport-security max-age=63072000 x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare content-encoding gzip etag W/"184-18a84a25ffa" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 879b94e75d1f190d-FRA x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 08:27:37 GMT
GET H/1.1	200 OK	id988119-Donald-Trump-GettyImages-2149282906.jpg-352x220.webp i.ntd.com/assets/uploads/2024/04/	10 KB 11 KB	688ms 687ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2024/04/id988119-Donald-Trump-GettyImages-2149282906.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f976a0c77f1bce4faf46d824d317f5adac16756f696767df36cf6833a31d7c2a Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:38 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 10238 Last-Modified Tue, 23 Apr 2024 19:55:43 GMT Server nginx ETag "6628123f-27fe" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31422868 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id987972-Malaysian-military-helicopters-collide.jpg-352x220.webp i.ntd.com/assets/uploads/2024/04/	22 KB 23 KB	91ms 37ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2024/04/id987972-Malaysian-military-helicopters-collide.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e22730eaf1cfdf34168867bb6b30344235b7e429b7ddac4a1d5de61261305ec1 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:37 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 22924 Last-Modified Tue, 23 Apr 2024 10:37:45 GMT Server nginx ETag "66278f79-598c" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31390258 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id988060-Michigan.jpg-352x220.webp i.ntd.com/assets/uploads/2024/04/	23 KB 24 KB	685ms 631ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2024/04/id988060-Michigan.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash ea9118c7387462e187d5c79fa12b42fafbc5efa8c40afd0b25d8a8e796b4fe9e Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:38 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 23746 Last-Modified Tue, 23 Apr 2024 16:40:21 GMT Server nginx ETag "6627e475-5cc2" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31448095 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id987987-Putin-and-Valentina-Matviyenko-.jpg-352x220.webp i.ntd.com/assets/uploads/2024/04/	10 KB 11 KB	129ms 46ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2024/04/id987987-Putin-and-Valentina-Matviyenko-.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash aa4b5f0672a02ae9ec46e32a0bf2346fc488809ddc0b0b9744186924acbfe6c4 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:37 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 10196 Last-Modified Tue, 23 Apr 2024 12:06:49 GMT Server nginx ETag "6627a459-27d4" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31394097 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	id988211-Alaska-plane-crash-AP24114786841546.jpg-352x220.webp i.ntd.com/assets/uploads/2024/04/	10 KB 10 KB	134ms 43ms	Image image/webp	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/uploads/2024/04/id988211-Alaska-plane-crash-AP24114786841546.jpg-352x220.webp Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a38652fe6122b095b7b14efe026ec4afc184e01a8dc31da19f699802bf5af976 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000 Date Thu, 25 Apr 2024 04:27:37 GMT Connection keep-alive Akamai-Mon-Iucid-Del 1403547 Content-Length 9880 Last-Modified Wed, 24 Apr 2024 00:59:43 GMT Server nginx ETag "6628597f-2698" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/webp Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31529693 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET BLOB	200 OK	91a2bf80-e9fe-42e8-bdb7-b16338fe964b https://www.ntd.com/	6 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/91a2bf80-e9fe-42e8-bdb7-b16338fe964b Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6f791eabefc065903d7efdab11dfdaa0fe2ee5523bdc9bca55fbb279e45b7a4b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 5896 Content-Type application/javascript
GET BLOB	200 OK	5817da3b-a330-4757-9391-257ee0bb3d48 https://www.ntd.com/	78 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/5817da3b-a330-4757-9391-257ee0bb3d48 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 80085 Content-Type application/javascript
GET BLOB	200 OK	32e58fc2-3e98-4dde-be6c-61debb5abe1a https://www.ntd.com/	78 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/32e58fc2-3e98-4dde-be6c-61debb5abe1a Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 80085 Content-Type application/javascript
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/9135c2ab/www-widgetapi.vflset/	215 KB 67 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9135c2ab/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 63a3d01b852ed34867594ef2c007f0fcd1b8ec428d346154201739182d2f1911 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 19:37:16 GMT content-encoding br x-content-type-options nosniff age 31821 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68157 x-xss-protection 0 last-modified Tue, 23 Apr 2024 04:19:55 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 24 Apr 2025 19:37:16 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/	509 KB 203 KB	86ms 22ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 11:40:05 GMT content-encoding gzip x-content-type-options nosniff age 60452 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 207268 x-xss-protection 0 last-modified Mon, 22 Apr 2024 21:03:35 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 24 Apr 2025 11:40:05 GMT
OPTIONS H2	200	reportad www1.youmaker.com/ Frame	0 0	38ms 37ms	Preflight	35.201.68.206 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www1.youmaker.com/reportad Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ntd.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE access-control-allow-origin * allow GET, POST, OPTIONS, PUT, DELETE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Thu, 25 Apr 2024 04:27:37 GMT server nginx/1.20.1 via 1.1 google
POST H2	200	reportad Show response www1.youmaker.com/	15 B 91 B	39ms 37ms	XHR application/json	35.201.68.206 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www1.youmaker.com/reportad Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 content-type application/json;charset=UTF-8
POST H2	204	collect Show response ea.epochbase.com/api/analytics/	0 225 B	1324ms 1070ms	XHR text/plain	4.7.168.74 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://ea.epochbase.com/api/analytics/collect?tid=G-NLM20HHRE4&v=1&en=video_start&site_id=www.ntd.com&video_id=fb512588-5ffa-49f9-a94f-69ec8467ddab&video_playtime=0&video_percentage=0&dl=&dr=&uid=4f5782a2-0424-4d1f-84f7-c7b566f52fd1&cid=null Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://www.ntd.com date Thu, 25 Apr 2024 04:27:38 GMT server nginx/1.20.1 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/	449 KB 140 KB	24ms 22ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083073 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 83f5282269ab1b6bbfac8a6af1a4996cc4473e647a88aaa2e67980bf89933cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 13:31:03 GMT content-encoding br x-content-type-options nosniff age 53794 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 143053 x-xss-protection 0 server cafe etag 9567458949288514437 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 24 Apr 2025 13:31:03 GMT
GET H/1.1	200 OK	ge.js Show response s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/	65 KB 65 KB	610ms 206ms	Script application/javascript	52.92.194.0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 52.92.194.0 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 1ce11195793afa2f8cad980e0f257a258b2f0a222775030d2e1a92d70d86c503 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:39 GMT Last-Modified Fri, 05 Apr 2024 19:56:13 GMT Server AmazonS3 x-amz-request-id 16F9M0Q5P3WQFCV9 ETag "849726f5a4ff0f6184768912a74400af" x-amz-server-side-encryption AES256 Content-Type application/javascript Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 66587 x-amz-id-2 yrGplGGDa6Nbt5zP9EhEpUbxkv1bnwuFLVCacYtGpG+uGCaVSCxu0QWjhmJNk7ebyafURoROydw= Expires Sun, 05 May 2024 19:56:12 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 103 KB	45ms 44ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 62e57fef50da5c35fa9500232c45b715bcdb60917868f5285ee26b49f5f53f49 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 105509 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 04:27:37 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 251 B	94ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je44o0v896365836za200&_p=1714019257342&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=472256242.1714019258&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714019257&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&dt=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=1337 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 25 Apr 2024 04:27:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 251 B	118ms 30ms	Ping text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=472256242.1714019258&gtm=45je44o0v896365836za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 25 Apr 2024 04:27:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ntd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	67ms 30ms	Image image/gif	216.58.206.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=472256242.1714019258&gtm=45je44o0v896365836za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=421055493 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s11-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 25 Apr 2024 04:27:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	jsapi.v5.12.0.en_US.js Show response static.mixi.media/static/jsapi/	251 KB 75 KB	145ms 65ms	Script application/x-javascript	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js Requested by Host: mixi.media URL: https://mixi.media/data/js/95162.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:37 GMT Content-Encoding gzip Last-Modified Thu, 31 Mar 2022 07:51:02 GMT Server nginx ETag W/"62455d66-3eabf" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Connection keep-alive
GET H/1.1	200 OK	sm.js Show response cdnjs.mixi.media/	88 KB 32 KB	267ms 123ms	Script application/x-javascript	82.148.14.194 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://cdnjs.mixi.media/sm.js Requested by Host: mixi.media URL: https://mixi.media/data/js/95162.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.148.14.194 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel24.imcmdb.net Software nginx / Resource Hash e9d585d040ea53e3feec6fbaccfbb86adfd1749129b8149c31fa440e27807ae1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:37 GMT Content-Encoding gzip Last-Modified Tue, 16 Apr 2024 13:21:02 GMT Server nginx ETag W/"661e7b3e-161c0" Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/x-javascript Cache-Control private, must-revalidate, proxy-revalidate, max-age=3600 Connection keep-alive
GET H/1.1	200 OK	miximedia.svg static.mixi.media/static/adpreview-assets/mixi-media/images/logo/	6 KB 6 KB	119ms 46ms	Image image/svg+xml	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:37 GMT Last-Modified Mon, 30 Sep 2019 14:11:01 GMT Server nginx ETag "5d920cf5-1849" Content-Type image/svg+xml Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 6217
GET H2	200	tracking Show response pwe.epochbase.com/api/config/	130 B 185 B	141ms 140ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/config/tracking?siteId=www.ntd.com Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash fde9ee51fca5303e3ecbc119c72e658e78537e8e2429f3dc1ecbccedccb9dd92 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130
GET H2	200	5965368 Show response fundingchoicesmessages.google.com/i/	181 KB 61 KB	143ms 57ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/5965368?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404240101/pubads_impl.js?cb=31083073 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5c3578b65ea87271eea9b4a474b069075ee0be5f16ad97b00f55a8fdfd8d9358 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tIxDuNsxpWbrRBwOykGXgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tIxDuNsxpWbrRBwOykGXgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhHo6d25dvZBOYMaF_JjMA_Jkqkg" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame B1D1	0 0	98ms 52ms	Document text/html	216.58.206.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=bottomright&cb=aak9rwtkzd2b Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-aa-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wWtyB_Q6BEHhadd5tD8zvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.ntd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-wWtyB_Q6BEHhadd5tD8zvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 25 Apr 2024 04:27:37 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	subtitle Show response www1.youmaker.com/v1/api/video/	35 B 51 B	62ms 35ms	XHR application/json	35.201.68.206 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www1.youmaker.com/v1/api/video/subtitle?systemid=fb512588-5ffa-49f9-a94f-69ec8467ddab Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash be0a08cc28d8e714bf3dc45be04f2449d456adefdeac74e733b312e05d8158b5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
POST H3	200	reportad Show response www1.youmaker.com/	15 B 29 B	36ms 36ms	XHR application/json	35.201.68.206 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://www1.youmaker.com/reportad Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.201.68.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * date Thu, 25 Apr 2024 04:27:37 GMT via 1.1 google server nginx/1.20.1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 content-type application/json;charset=UTF-8
POST H2	204	collect Show response ea.epochbase.com/api/analytics/	0 225 B	683ms 683ms	XHR text/plain	4.7.168.74 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://ea.epochbase.com/api/analytics/collect?tid=G-NLM20HHRE4&v=1&en=video_start&site_id=www.ntd.com&video_id=fb512588-5ffa-49f9-a94f-69ec8467ddab&video_playtime=0&video_percentage=0&dl=&dr=&uid=4f5782a2-0424-4d1f-84f7-c7b566f52fd1&cid=null Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://www.ntd.com date Thu, 25 Apr 2024 04:27:38 GMT server nginx/1.20.1 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE
GET H/1.1	200 OK	playlist.m3u8 Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/	848 B 1006 B	100ms 29ms	XHR application/x-mpegurl	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/playlist.m3u8 Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash 8e1862739d33ed00d6ac62da36d1b1321bf3591b791d55e14417def0860cd7cd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:37 GMT Content-Encoding gzip Connection keep-alive Akamai-Mon-Iucid-Del 1194989 Cdn-Cache-Control no-store Content-Length 257 Server nginx/1.20.1 Vary Accept-Encoding Access-Control-Max-Age 86400 Content-Type application/x-mpegURL Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control must-revalidate, max-age=10 Access-Control-Allow-Credentials true Akamai-Cache-Control max-age=10,must-revalidate Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET BLOB	200 OK	c4f5dbd3-66f1-402a-8738-898565427fd1 https://www.ntd.com/	6 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/c4f5dbd3-66f1-402a-8738-898565427fd1 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6f791eabefc065903d7efdab11dfdaa0fe2ee5523bdc9bca55fbb279e45b7a4b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 5896 Content-Type application/javascript
GET H3	200	mixpanel-2.48.1.min.js Show response pwe.epochbase.com/libs/	52 KB 18 KB	167ms 139ms	Script text/javascript	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip via 1.1 google last-modified Fri, 15 Dec 2023 22:33:10 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 05:27:37 GMT
GET H3	200	template Show response pwe.epochbase.com/api/	1 KB 676 B	137ms 136ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET BLOB	200 OK	d2bc38c9-c900-403a-bab7-471efcf8d605 https://www.ntd.com/	78 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/d2bc38c9-c900-403a-bab7-471efcf8d605 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 80085 Content-Type application/javascript
GET BLOB	200 OK	ae5e997a-57de-4b94-b28b-3595a9adec67 https://www.ntd.com/	78 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/ae5e997a-57de-4b94-b28b-3595a9adec67 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 432b0c7cf4757ee2a38afd9ac1434df69bd10acead987ba4a249daae49d77bce Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 80085 Content-Type application/javascript
POST H/1.1	200	jsapi Show response mixi.media/newdata/	8 KB 3 KB	123ms 123ms	XHR application/json	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mixi.media/newdata/jsapi?action=news Requested by Host: static.mixi.media URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 992e496d9583df36a592849eb1d10897e1af3be52eae2492bd67550f62c9e2a5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type multipart/form-data Response headers Pragma no-cache Date Thu, 25 Apr 2024 04:27:37 GMT Content-Encoding gzip Last-Modified Thursday, 25-Apr-2024 04:27:37 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive X-Node ads5-2sser14
OPTIONS H2	200	c ea.epochbase.com/api2/pw/ Frame	0 0	110ms 109ms	Preflight	4.7.168.74 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ntd.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Access-Control-Allow-Origin,Content-Type,Authorization access-control-allow-methods GET, POST, PATCH, OPTIONS, PUT, DELETE access-control-allow-origin * allow GET, POST, OPTIONS, PUT, DELETE cache-control max-age=3600 public content-length 0 date Thu, 25 Apr 2024 04:27:37 GMT expires Thu, 25 Apr 2024 05:27:37 GMT pragma public server nginx/1.20.1
POST H2	200	c Show response ea.epochbase.com/api2/pw/	0 309 B	1112ms 1111ms	XHR text/plain	4.7.168.74 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Accept application/json, text/plain, */* Referer https://www.ntd.com/ sec-ch-ua-platform "Win32" Response headers pragma public date Thu, 25 Apr 2024 04:27:39 GMT server nginx/1.20.1 allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE access-control-allow-origin https://www.ntd.com cache-control max-age=3600, public access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0 expires Thu, 25 Apr 2024 05:27:39 GMT
GET H3	200	data Show response pwe.epochbase.com/api/flow/	6 KB 1 KB	137ms 137ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/flow/data?siteId=www.ntd.com&flowId=live-ntd Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash e694fe9a05dff31510293e22b2d64d02a170a6530cb0aa7e2dc847d51bc0c6c8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:37 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	settings Show response stat.media/counter/	452 B 1 KB	301ms 65ms	Script application/javascript	82.148.14.194 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/settings?payload=COeDAxiJmYmc8TE&cb=_callbacks____0lveqt7oo Requested by Host: cdnjs.mixi.media URL: https://cdnjs.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 82.148.14.194 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel24.imcmdb.net Software nginx / Resource Hash dfb20177c4c17fc0220fa5a8a41758c4512b2d101f021cbb1a3b8a75f785ed38 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript
GET H2	200	AGSKWxU35zP-5ObYNlVQmG3k9ttVcRuNuJNcICJp1pDxCikW_2TFqqvvZuHrQamRtx_TOdDhKWjKq6SLs86IkUjZUzbvRSXTzWUpkQySu0J3Z1QdOG1whlsBJCO6viQ0dfuETmT26XcDMg== Show response fundingchoicesmessages.google.com/f/	397 KB 61 KB	130ms 129ms	Script application/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxU35zP-5ObYNlVQmG3k9ttVcRuNuJNcICJp1pDxCikW_2TFqqvvZuHrQamRtx_TOdDhKWjKq6SLs86IkUjZUzbvRSXTzWUpkQySu0J3Z1QdOG1whlsBJCO6viQ0dfuETmT26XcDMg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0MDE5MjU3LDk1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubnRkLmNvbS9uZXcteW9yay10aW1lcy1wbGFucy1hdHRhY2stb24tc2hlbi15dW4taW52ZXN0aWdhdGl2ZS1qb3VybmFsaXN0Xzk4MDgzMS5odG1sIixudWxsLFtbOCwiTUFBMm0xWDZNNDQiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MAA2m1X6M44.es5.O/am=wA/d=1/rs=AJlcJMxNIiHUjm3_euSv5BF1upSSEX7FDQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7f11dec0d4fd284d339239d3fde2d4f718ade03ca6f814d444a501562bca9a63 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ksUiQlv7dT12gBijnmdCFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ksUiQlv7dT12gBijnmdCFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhbo5d25dvZBO48H22MgDQ7yq7" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	playlist.m3u8 Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/	1 KB 1 KB	498ms 498ms	XHR application/x-mpegurl	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/playlist.m3u8 Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash c48b0a71481caa47c597b3c4cf55ed82a4880ea0e449e9f69292443f47fab060 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Content-Encoding gzip Connection keep-alive Akamai-Mon-Iucid-Del 1194989 Cdn-Cache-Control no-store Content-Length 303 Server nginx/1.20.1 Vary Accept-Encoding Access-Control-Max-Age 86400 Content-Type application/x-mpegURL Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control must-revalidate, max-age=10 Access-Control-Allow-Credentials true Akamai-Cache-Control max-age=10,must-revalidate Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	11790131.jpeg static7.mixi.media/img/400x300/	60 KB 61 KB	118ms 52ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static7.mixi.media/img/400x300/11790131.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 41e520d2043434718466d02080abca1ea2cc5e7377e7650cdafb57054003bfa8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Wed, 24 Apr 2024 23:19:57 GMT Server nginx ETag W/"6629939d-c9e8" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 61770
GET H/1.1	200 OK	11789535.jpeg static4.mixi.media/img/400x300/	38 KB 39 KB	124ms 55ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static4.mixi.media/img/400x300/11789535.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash d0d3a3ebe97bbda52fb9f0d4140ed738fe8beeeffa74867c385f311438423d7d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Wed, 24 Apr 2024 15:00:06 GMT Server nginx ETag W/"66291e76-208bc" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 39300
GET H/1.1	200 OK	11737206.jpeg static1.mixi.media/img/400x300/	76 KB 76 KB	124ms 56ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static1.mixi.media/img/400x300/11737206.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash b4fe6380d5b6ae2cd9da9cb5303be59ccba8756341eb5f72b10bf680389b56d0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Mon, 01 Apr 2024 17:53:00 GMT Server nginx ETag W/"660af47c-28e72" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 77597
GET H/1.1	200 OK	11775198.jpeg static2.mixi.media/img/400x300/	66 KB 66 KB	116ms 53ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static2.mixi.media/img/400x300/11775198.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 8ffbdbab760942500614aeb2e4daa477498175c2099fab0c52b8b4926b5a8c7a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Thu, 18 Apr 2024 05:53:18 GMT Server nginx ETag W/"6620b54e-5b603" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 67788
GET H/1.1	200 OK	11789508.jpeg static6.mixi.media/img/400x300/	80 KB 81 KB	121ms 56ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static6.mixi.media/img/400x300/11789508.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 0376ae9be0b1a1ab6aa93c6e18852b3fbac47c459619f1422dd62e302526ee3a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Wed, 24 Apr 2024 14:50:56 GMT Server nginx ETag W/"66291c50-30a48" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 82210
GET H/1.1	200 OK	11782756.jpeg static6.mixi.media/img/400x300/	53 KB 53 KB	116ms 52ms	Image image/jpeg	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static6.mixi.media/img/400x300/11782756.jpeg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash fcff1e5915000223fae07ef83e7f607669705320f835a3bc036feb3c701fd220 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Sun, 21 Apr 2024 19:10:06 GMT Server nginx ETag W/"6625648e-417c3" Content-Type image/jpeg Access-Control-Allow-Origin * Connection keep-alive Content-Length 54173
GET H3	200	meter Show response pwe.epochbase.com/api/flow/	38 B 54 B	138ms 137ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/flow/meter?uid=253a2710-02bc-11ef-8b25-5d7a427c4445&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&resetPeriod=1&resetUnit=days&countSamePage=false Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT via 1.1 google server nginx/1.20.1 vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38
POST H3	200	/ Show response mixproxy.epoch.cloud/mixpanel/track/	1 B 603 B	333ms 294ms	XHR application/json	104.21.234.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1714019258054 Requested by Host: pwe.epochbase.com URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=604800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 25 Apr 2024 04:27:38 GMT strict-transport-security max-age=604800; includeSubDomains via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-envoy-upstream-service-time 19 alt-svc h3=":443"; ma=86400 content-length 1 server cloudflare access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.ntd.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oIkGaYxaS0aKLgJZOGIuHNf6HmVWzbyoQuXnBKT%2B4AoGOfgjXVKOAa6wB%2FsisHcGKI%2BNupf096UM0fEG3J4yurNp4aSGZzOy7hJaDvS8hYVGlqRHVJomtMhl1dn6S4jEwSyZqYTPbQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store access-control-allow-credentials true cf-ray 879b94eb2c1a18e9-FRA access-control-allow-headers X-Requested-With
GET H2	200	css fonts.googleapis.com/	106 KB 6 KB	97ms 35ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MAA2m1X6M44.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzj2c8b4CkbkvECFVqICS7KaagnYw/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 25 Apr 2024 04:27:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Apr 2024 04:27:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Apr 2024 04:27:38 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/	15 KB 16 KB	74ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 19 Apr 2024 23:56:39 GMT x-content-type-options nosniff age 448259 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Apr 2025 23:56:39 GMT
POST H3	200	meter Show response pwe.epochbase.com/api/flow/	0 13 B	150ms 150ms	XHR text/plain	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/flow/meter?uid=253a2710-02bc-11ef-8b25-5d7a427c4445&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT via 1.1 google server nginx/1.20.1 vary Origin access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	65ms 30ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 00:50:53 GMT x-content-type-options nosniff age 185805 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Apr 2025 00:50:53 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v142/	125 KB 126 KB	94ms 59ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 11:51:26 GMT x-content-type-options nosniff age 59772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Mon, 08 Apr 2024 19:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Apr 2025 11:51:26 GMT
POST H3	204	AGSKWxUpVq8as9c1cKuShofZ58_9n1dpz3JP4zdDKH_qGHh00yV8AyMSaI-WCC01B4_OFNRPGPD45Fu8P7zYDp1MgwjyyGHGTvCudfAMiVrHNh5SDKc7U5T3AgC_xZn2yNyWZUlY8Dp9Cg== Show response fundingchoicesmessages.google.com/el/	0 29 B	81ms 33ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUpVq8as9c1cKuShofZ58_9n1dpz3JP4zdDKH_qGHh00yV8AyMSaI-WCC01B4_OFNRPGPD45Fu8P7zYDp1MgwjyyGHGTvCudfAMiVrHNh5SDKc7U5T3AgC_xZn2yNyWZUlY8Dp9Cg== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MAA2m1X6M44.es5.O/am=wA/d=1/rs=AJlcJMxNIiHUjm3_euSv5BF1upSSEX7FDQ/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3khwLlOr81KSQsRCgClj-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Thu, 25 Apr 2024 04:27:38 GMT content-security-policy script-src 'report-sample' 'nonce-3khwLlOr81KSQsRCgClj-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2PX9uUb2QRunF43lREAx24MXg" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.ntd.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	22ms 21ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Apr 2024 01:17:56 GMT x-content-type-options nosniff age 184182 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Apr 2025 01:17:56 GMT
GET H/1.1	200	/ mixi.media/cookiematching/	43 B 882 B	114ms 114ms	Image image/gif	136.243.66.182 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJDZiOTNhOWU3LWQxYjAtNDc2ZC1hOTFlLTQ2ZjQ4MjA4Y2JmMRoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzE0MDE5MjU4MTY4GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJGViZWRiNzQxLTMxNWMtNGMyNS1hNTZlLWY2NWEyOTNjMTdjZBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1714019258387 Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS mixi.media Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache, no-cache Date Thu, 25 Apr 2024 04:27:38 GMT Last-Modified Thursday, 25-Apr-2024 04:27:38 GMT Server nginx Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive Content-Length 43 Expires Thu, 25 Apr 2024 04:27:38 GMT
POST H/1.1	204 No Content	view Show response stat.media/counter/	0 135 B	183ms 61ms	XHR text/plain	82.148.14.194 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/view Requested by Host: cdnjs.mixi.media URL: https://cdnjs.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 82.148.14.194 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel24.imcmdb.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * Date Thu, 25 Apr 2024 04:27:38 GMT Server nginx Connection keep-alive
GET H3	200	template Show response pwe.epochbase.com/api/	3 KB 1 KB	136ms 136ms	XHR application/json	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version= Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 640358130b8a6b2a822dda079bd3d0fb8ec94d78216ae4ac4a6cf7a09291dd84 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT content-encoding gzip via 1.1 google server nginx/1.20.1 vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://www.ntd.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	200	c Show response ea.epochbase.com/api2/pw/	0 309 B	518ms 518ms	XHR text/plain	4.7.168.74 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Accept application/json, text/plain, */* Referer https://www.ntd.com/ sec-ch-ua-platform "Win32" Response headers pragma public date Thu, 25 Apr 2024 04:27:39 GMT server nginx/1.20.1 allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE access-control-allow-origin https://www.ntd.com cache-control max-age=3600, public access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0 expires Thu, 25 Apr 2024 05:27:39 GMT
OPTIONS H2	200	c ea.epochbase.com/api2/pw/ Frame	0 0	109ms 109ms	Preflight	4.7.168.74 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.ntd.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Access-Control-Allow-Origin,Content-Type,Authorization access-control-allow-methods GET, POST, PATCH, OPTIONS, PUT, DELETE access-control-allow-origin * allow GET, POST, OPTIONS, PUT, DELETE cache-control max-age=3600 public content-length 0 date Thu, 25 Apr 2024 04:27:38 GMT expires Thu, 25 Apr 2024 05:27:38 GMT pragma public server nginx/1.20.1
GET H2	200	lc2.js Show response b-code.liadm.com/	101 KB 36 KB	82ms 24ms	Script application/javascript	2600:9000:275d:2800:8:8845:1500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b-code.liadm.com/lc2.js Requested by Host: s3-us-west-2.amazonaws.com URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275d:2800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 9087c6926d7fdcb36fda0c14eec72a136b33ab4f8ff487220e91830e9916640a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 14:15:52 GMT content-encoding gzip via 1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 age 51106 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public,max-age=86400 x-amz-cf-id jCpHFp6UEWrNt3hRfh77pTR-Pntb3O21aztg04Gh4HHtbdyUlUbAZA==
GET H/1.1	200 OK	out0000.ts Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/	594 KB 595 KB	358ms 357ms	XHR video/mp2t	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0000.ts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash bd24272c6ee55652401868ba3f4be6a70772da1b7f0b05dd9df8963a05108801 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:38 GMT Server nginx/1.20.1 Transfer-Encoding chunked Access-Control-Max-Age 86400 Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31536000 Access-Control-Allow-Credentials true Connection keep-alive, Transfer-Encoding Akamai-Mon-Iucid-Del 1194989 Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H3	200	react.production.min.js Show response pwe.epochbase.com/libs/react@18.2.0/	10 KB 4 KB	138ms 138ms	Script text/javascript	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/libs/react@18.2.0/react.production.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT content-encoding gzip via 1.1 google last-modified Sat, 02 Dec 2023 22:34:10 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 05:27:38 GMT
GET H3	200	react-dom.production.min.js Show response pwe.epochbase.com/libs/react@18.2.0/	129 KB 44 KB	139ms 138ms	Script text/javascript	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/libs/react@18.2.0/react-dom.production.min.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT content-encoding gzip via 1.1 google last-modified Sat, 02 Dec 2023 22:34:44 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 05:27:38 GMT
GET H3	200	signInCombo-2.2.umd.js Show response pwe.epochbase.com/libs/	272 KB 78 KB	140ms 140ms	Script text/javascript	34.110.129.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://pwe.epochbase.com/libs/signInCombo-2.2.umd.js Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/pages/_app-085facb3c1303022.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.129.110.34.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash e58c40208984f8d78fd3ee50e60c508b1b6041e516bb13b14232b33582dd5ddf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:38 GMT content-encoding gzip via 1.1 google last-modified Mon, 15 Apr 2024 23:52:39 GMT server nginx/1.20.1 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control max-age=3600, public, no-transform accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 05:27:38 GMT
GET H/1.1	200 OK	NTDLogo.svg i.ntd.com/assets/themes/ntd/images/	660 B 0	0ms 0ms	Image image/svg+xml	2.16.202.75 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg Requested by Host: www.ntd.com URL: https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-75.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:37 GMT Last-Modified Fri, 14 Oct 2022 17:48:55 GMT Server nginx ETag "6349a107-294" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type image/svg+xml Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=29624683 Access-Control-Allow-Credentials true Akamai-Mon-Iucid-Del 1403547 Accept-Ranges bytes Access-Control-Allow-Headers origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Content-Length 660
GET H2	204	72731 Show response idx.liadm.com/idex/unknown/	0 368 B	385ms 123ms	XHR text/plain	3.227.41.225 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&cd=.ntd.com&pu=https%3A%2F%2Fwww.ntd.com&qf=0&resolve=md5 Requested by Host: b-code.liadm.com URL: https://b-code.liadm.com/lc2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.41.225 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-41-225.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:39 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin request-time 0 access-control-allow-origin https://www.ntd.com cache-control max-age=3599, private access-control-allow-credentials true trace-id e0383e56d29d9402 expires Thu, 25 Apr 2024 05:27:39 GMT
POST H/1.1	204 No Content	view Show response stat.media/counter/	0 135 B	61ms 61ms	XHR text/plain	82.148.14.194 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://stat.media/counter/view Requested by Host: cdnjs.mixi.media URL: https://cdnjs.mixi.media/sm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 82.148.14.194 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS sm-server1-1.ssel24.imcmdb.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers access-control-allow-origin * Date Thu, 25 Apr 2024 04:27:39 GMT Server nginx Connection keep-alive
GET H2	200	j Show response rp4.liadm.com/ Redirect Chain https://rp.liadm.com/j?dtstmp=1714019258997&se=e30&duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&tv=v2.14.3&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-jour... https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&cd=.ntd.com&dtstmp=1714019258997&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-...	13 B 318 B	656ms 123ms	XHR application/json	34.202.182.68 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&cd=.ntd.com&dtstmp=1714019258997&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjQ%3D Protocol H2 Server 34.202.182.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-182-68.compute-1.amazonaws.com Software / Resource Hash efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 25 Apr 2024 04:27:40 GMT x-pixel-event-id 6597b5f0-2b5f-4290-af3e-d2b72c90eeca access-control-allow-methods GET content-type application/json access-control-allow-origin null access-control-expose-headers * access-control-allow-credentials true content-length 13 Redirect headers location https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hw9r4mbe0792ehm02bswhq1k&cd=.ntd.com&dtstmp=1714019258997&tv=v2.14.3&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjQ%3D access-control-allow-origin https://www.ntd.com date Thu, 25 Apr 2024 04:27:39 GMT access-control-expose-headers * access-control-allow-credentials true content-length 0 access-control-allow-methods GET
GET H2	200	/ Show response a.clickcertain.com/px/ Redirect Chain https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=a52ff52b-2366-4b5b-afb3-37fd28044cd8	5 KB 2 KB	60ms 59ms	Script text/javascript	2606:4700:20::681a:932 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=a52ff52b-2366-4b5b-afb3-37fd28044cd8 Protocol H2 Server 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ad6a74084c6fe62b3a24d7a8f7fb44ac835e9ffe9b520eff6f529968412f432 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 25 Apr 2024 04:27:39 GMT content-encoding br x-frontend cc-nginx-67cd96f68-dxhb5:cc-nginx-67cd96f68-dxhb5 cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-requestid c69c4f27-4742-499e-91c2-3d9895179c7a report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPu2adGN5Q6oHF1ZmR0gywYtZI8xKHywD5nc%2FK8mr%2FOhYnnLnyFQhf7x%2F%2F8KP5YxC4yn0SlKtNp5wcmhLhaocPzOg3tk6UcWRHEAzyPtVTvI8JkfkTAhDU22rLHX%2FO4679EUt82GrjFO67X8j7udSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 879b94f2bdd26abb-FRA Redirect headers date Thu, 25 Apr 2024 04:27:39 GMT x-frontend cc-nginx-67cd96f68-dxhb5:cc-nginx-67cd96f68-dxhb5 cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-requestid a52ff52b-2366-4b5b-afb3-37fd28044cd8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVki6W9ms%2BJvrPNnaah5UcBOW5yPDljjFyh1MYR%2FS%2FEPVXmQGIMdaMjJEqB0bGsz60fiynhaRM4zx3asKfU52tGWJ2C40erZifX8NfpnN0FBE74q8ewH8LlAXf2JPcot30Fg7J8ff9%2BrJ6FdypBFbg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript location https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=a52ff52b-2366-4b5b-afb3-37fd28044cd8 cf-ray 879b94f20d776abb-FRA
GET H2	200	favicon.ico www.ntd.com/images/	99 KB 5 KB	499ms 498ms	Other image/x-icon	2606:4700::6812:181e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 542613c8007b58650dadc2e0c690d3836fccf9a7a90ff35c13092ac06784447e Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:39 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000 last-modified Mon, 11 Sep 2023 14:25:48 GMT server cloudflare cf-cache-status MISS etag W/"18bc6-18a84a25ff3" x-frame-options DENY vary Accept-Encoding content-type image/x-icon cache-control public, max-age=14400 cf-ray 879b94f0ed25190d-FRA x-xss-protection 1; mode=block expires Thu, 25 Apr 2024 08:27:39 GMT
GET H/1.1	200 OK	out0001.ts Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/	581 KB 581 KB	413ms 413ms	XHR video/mp2t	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0001.ts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash 122b389bc408e98a1bfca4df7d88ad85a0d34d54bc558e8efe3b9e6a127689a1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:39 GMT Server nginx/1.20.1 Transfer-Encoding chunked Access-Control-Max-Age 86400 Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31536000 Access-Control-Allow-Credentials true Connection keep-alive, Transfer-Encoding Akamai-Mon-Iucid-Del 1194989 Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H3	200	ActaDeck-Medium.otf cdn.epoch.cloud/assets/fonts/	51 KB 51 KB	103ms 43ms	Font application/octet-stream	104.21.234.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2987 alt-svc h3=":443"; ma=86400 content-length 51776 last-modified Wed, 19 Feb 2020 18:57:39 GMT server cloudflare etag "5e4d8523-ca40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSBSUYW7IryCB%2FKFBE4Tkv%2FU5%2FYLqnQdOCtfrbVf0dYOqRwyl0LktsCcrKB2A0TLPOy40aStoK41CuR%2BJNxlm6C1vfysv3XVxgvwktRvK%2FuEm3%2Fj4o1HFXDGZ7JlyDlSzWE%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 879b94f1fc159758-FRA
GET H3	200	RingsideNarrow-Medium.otf cdn.epoch.cloud/assets/fonts/	123 KB 124 KB	91ms 31ms	Font application/octet-stream	104.21.234.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.234.69 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Origin https://www.ntd.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:27:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1996 alt-svc h3=":443"; ma=86400 content-length 126244 last-modified Tue, 07 Jun 2022 20:08:09 GMT server cloudflare etag "629fb029-1ed24" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igHxYU2LdLBJmpObjuObrB2GMPKYnHdR7NrXXGeQ9vm4JsspKMiLOqrFobqPBLX0AqWjalLEh60ThP7DAVUIrrFd1cyD05r6gnjmvlPyreEMmzLuieDetZoSis6CHL%2FK%2BUs%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 879b94f1fc179758-FRA
GET H2	200	p.gif p.alocdn.com/c/vn3d8u2u/a/etarget/ Redirect Chain https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C... https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C...	42 B 351 B	206ms 206ms	Image image/gif	52.89.43.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522d7f489b3-49b4-4f73-8032-e52b50d93090%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&tdc=1 Protocol H2 Server 52.89.43.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-89-43-131.us-west-2.compute.amazonaws.com Software nginx/1.20.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" date Thu, 25 Apr 2024 04:27:40 GMT server nginx/1.20.1 content-type image/GIF Redirect headers location /c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.1%2522%252C%2522guid%2522%253A%2522d7f489b3-49b4-4f73-8032-e52b50d93090%2522%257D&title=New%20York%20Times%20Plans%20Attack%20on%20Shen%20Yun%3A%20Investigation%20%7C%20NTD&url=https%3A%2F%2Fwww.ntd.com%2Fnew-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html&tdc=1 date Thu, 25 Apr 2024 04:27:40 GMT p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" server nginx/1.20.1 content-type image/GIF
GET H2	200	/ a.clickcertain.com/px/cont/ Frame F49A	0 0	144ms 100ms	Document text/html	2606:4700:20::681a:832 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=dcb1057c-7137-43bb-a8ea-818c6c499da4&cn=DE&rid=a52ff52b-2366-4b5b-afb3-37fd28044cd8 Requested by Host: a.remarketstats.com URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=new-york-times-plans-attack-on-shen-yun-investigative-journalist_980831.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:832 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 879b94f37b0d915c-FRA content-encoding br content-type text/html date Thu, 25 Apr 2024 04:27:39 GMT etag W/"ZGNiMTA1N2NnNzEzN2c0M2JiZ2E4ZWFnODE4YzZjNDk5ZGE0LXow" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kY9Dix2X0PTFKVZKrCtbnn8Sla5volJ5TuvHxIF0M9acWHApEja67x1A3hb4Bo%2BWhAJJpJ32Z3m7%2FL0Qohf%2Fm%2F6SPe1x8%2Bgho5vdFUZrORzSNiVH47ExNM6LM3TQwXSUV%2BAlB9QE%2B07JnUCv79R9MQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-frontend cc-nginx-67cd96f68-dxhb5:cc-nginx-67cd96f68-dxhb5 x-requestid 83116466-680e-44cd-95c8-52f64ea493db
GET H/1.1	200 OK	out0002.ts Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/	655 KB 655 KB	232ms 232ms	XHR video/mp2t	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0002.ts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash 9ade0316d82f56d57adfed6f98166f7f456d6cfc9e1d6da211909262945332ec Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:39 GMT Server nginx/1.20.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31456221 Access-Control-Allow-Credentials true Connection keep-alive Akamai-Mon-Iucid-Del 1194989 Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session Content-Length 670220
GET H/1.1	200 OK	out0003.ts Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/	554 KB 555 KB	355ms 354ms	XHR video/mp2t	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0003.ts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash 11daf4723d6b32a8cb6562fb12dbdcbfc088e9ad45ab3945cc16611671f54d14 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:40 GMT Server nginx/1.20.1 Transfer-Encoding chunked Access-Control-Max-Age 86400 Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535970 Access-Control-Allow-Credentials true Connection keep-alive, Transfer-Encoding Akamai-Mon-Iucid-Del 1194989 Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
GET H/1.1	200 OK	out0004.ts Show response vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/	186 KB 187 KB	614ms 614ms	XHR video/mp2t	2.16.202.65 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/hls_480p/out0004.ts Requested by Host: www.ntd.com URL: https://www.ntd.com/_next/static/chunks/30418f44-0997a245180a218e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-202-65.deploy.static.akamaitechnologies.com Software nginx/1.20.1 / Resource Hash 0d2c10f2fe573823a1a4749824ca10cbf267ea663970d056cac9d8d823188c62 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.ntd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 25 Apr 2024 04:27:44 GMT Server nginx/1.20.1 Transfer-Encoding chunked Access-Control-Max-Age 86400 Content-Type video/MP2T Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Expose-Headers Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC Cache-Control max-age=31535964 Access-Control-Allow-Credentials true Connection keep-alive, Transfer-Encoding Akamai-Mon-Iucid-Del 1194989 Access-Control-Allow-Headers origin,range,authorization,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.ntd.com

URL

https://www.ntd.com/v1/api/video/metadata/fb512588-5ffa-49f9-a94f-69ec8467ddab

Domain

www.ntd.com

URL

https://www.ntd.com/v1/api/video/metadata/fb512588-5ffa-49f9-a94f-69ec8467ddab

Domain

vs1.youmaker.com

URL

https://vs1.youmaker.com/assets/fb512588-5ffa-49f9-a94f-69ec8467ddab/playlist.m3u8