urlscan.io logo urlscan.io
SecurityTrails logo

www.ntd.com Open in urlscan Pro
151.139.128.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mb.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Effective URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Submission: On July 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 11 countries across 52 domains to perform 239 HTTP transactions. The main IP is 151.139.128.11, located in United States and belongs to STACKPATH-CDN, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 542468.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2021. Valid for: a year.
This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 151.139.128.11 20446 (STACKPATH...)
7 108.138.4.10 16509 (AMAZON-02)
10 35.244.243.66 15169 (GOOGLE)
1 23.47.209.80 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 199.232.136.157 54113 (FASTLY)
2 143.204.89.75 16509 (AMAZON-02)
2 2a00:1450:401... 15169 (GOOGLE)
3 2a00:1450:401... 15169 (GOOGLE)
1 34.120.97.157 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.72 16509 (AMAZON-02)
7 34.120.33.89 15169 (GOOGLE)
4 4.7.168.74 3356 (LEVEL3)
6 54.170.230.96 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
12 136.243.66.182 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 142.250.186.162 15169 (GOOGLE)
4 46.161.36.24 49505 (SELECTEL)
5 185.89.208.11 29990 (ASN-APPNEX)
12 185.89.210.180 29990 (ASN-APPNEX)
8 51.89.9.252 16276 (OVH)
4 2602:803:c003... 26667 (RUBICONPR...)
8 24 104.18.18.126 13335 (CLOUDFLAR...)
4 52.17.61.45 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 69.166.1.10 27630 (AS-XFERNET)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.92.131.48 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:230... 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 35.168.71.120 14618 (AMAZON-AES)
4 23.47.209.6 16625 (AKAMAI-AS)
4 23.47.208.198 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
4 104.18.19.126 13335 (CLOUDFLAR...)
5 35.71.131.137 16509 (AMAZON-02)
5 5 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
5 11 142.250.181.226 15169 (GOOGLE)
2 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:f03... 10310 (YAHOO-1)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
4 8 52.46.130.91 16509 (AMAZON-02)
1 54.154.162.73 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.111.151.213 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 103.229.205.242 30419 (MEDIAMATH...)
1 54.93.141.89 16509 (AMAZON-02)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 66.155.71.25 13768 (COGECO-PEER1)
2 2 135.125.160.160 16276 (OVH)
1 1 54.210.33.215 14618 (AMAZON-AES)
1 34.241.126.16 16509 (AMAZON-02)
1 1 52.200.156.133 14618 (AMAZON-AES)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 99.86.240.99 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 54.237.176.190 ()
239 64
41    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
mb.ntd.com
www.ntd.com
img.ntd.com
7    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
10    35.244.243.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.243.244.35.bc.googleusercontent.com
subs.youmaker.com
1    23.47.209.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-80.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    143.204.89.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-75.fra50.r.cloudfront.net
js.chargebee.com
2    2a00:1450:4014:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4014:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.120.97.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.97.120.34.bc.googleusercontent.com
sc.youmaker.com
4    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
7    34.120.33.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.33.120.34.bc.googleusercontent.com
comment.youmaker.com
4    4.7.168.74 (Queens, United States)

ASN3356 (LEVEL3, US)
ea.youmaker.com
6    54.170.230.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
12    136.243.66.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media
mixi.media
static.mixi.media
target.mixi.media
static4.mixi.media
static3.mixi.media
static2.mixi.media
static7.mixi.media
static5.mixi.media
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
4    46.161.36.24 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp2.imcmdb.net
stat.media
5    185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net
prebid.adnxs.com
12    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
8    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
24    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    52.17.61.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-61-45.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4014:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4014:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)
767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.92.131.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    2606:4700:20::681a:27a (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
5    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:2304:1200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    2600:1f18:730:b150:1cf:88dc:54d8:eec2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    35.168.71.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-71-120.compute-1.amazonaws.com
rp4.liadm.com
4    23.47.209.6 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-6.deploy.static.akamaitechnologies.com
js-sec.indexww.com
4    23.47.208.198 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-198.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
5    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
11    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
ads.yahoo.com
2    2a05:d018:d29:3601:6b06:26e1:4300:34b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.154.162.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-162-73.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
4    2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    54.93.141.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-141-89.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    54.210.33.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-33-215.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    34.241.126.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-126-16.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.200.156.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-156-133.compute-1.amazonaws.com
nep.advangelists.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2606:4700:3038::6815:ea4e (United States)

ASN13335 (CLOUDFLARENET, US)
services.epoch.cloud
1    99.86.240.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-99.vie50.r.cloudfront.net
clientcdn.pushengage.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    54.237.176.190 (None, )

ASN- ()
idx.liadm.com
Apex Domain
Subdomains		 Transfer
41 ntd.com
mb.ntd.com
www.ntd.com — Cisco Umbrella Rank: 542468
img.ntd.com — Cisco Umbrella Rank: 621007
3 MB
28 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 553
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460
r.casalemedia.com — Cisco Umbrella Rank: 770
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
dsum.casalemedia.com — Cisco Umbrella Rank: 1250
24 KB
22 youmaker.com
subs.youmaker.com — Cisco Umbrella Rank: 65101
sc.youmaker.com — Cisco Umbrella Rank: 61538
comment.youmaker.com — Cisco Umbrella Rank: 45653
ea.youmaker.com — Cisco Umbrella Rank: 608748
853 KB
21 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1811
ib.adnxs.com — Cisco Umbrella Rank: 234
acdn.adnxs.com — Cisco Umbrella Rank: 566
81 KB
19 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
154 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
49 KB
13 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 516
eus.rubiconproject.com — Cisco Umbrella Rank: 598
token.rubiconproject.com — Cisco Umbrella Rank: 703
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
18 KB
12 mixi.media
mixi.media — Cisco Umbrella Rank: 34487
static.mixi.media — Cisco Umbrella Rank: 60397
target.mixi.media — Cisco Umbrella Rank: 40512
static4.mixi.media — Cisco Umbrella Rank: 48323
static3.mixi.media — Cisco Umbrella Rank: 50832
static2.mixi.media — Cisco Umbrella Rank: 57852
static7.mixi.media — Cisco Umbrella Rank: 156405
static5.mixi.media — Cisco Umbrella Rank: 73984
357 KB
10 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1391
exchange.postrelease.com — Cisco Umbrella Rank: 5279
6 KB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 585
cdn.indexww.com
8 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 811
1 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
398 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
1 KB
5 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3908
5 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 96
23 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3480
rp.liadm.com — Cisco Umbrella Rank: 2023
rp4.liadm.com — Cisco Umbrella Rank: 9192
idx.liadm.com
12 KB
4 googlesyndication.com
767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
233 KB
4 stat.media
stat.media — Cisco Umbrella Rank: 25509
29 KB
3 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1462
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 451
590 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1358
850 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 579
382 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 952
685 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5701
adservice.google.de — Cisco Umbrella Rank: 8252
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
71 KB
2 chargebee.com
js.chargebee.com — Cisco Umbrella Rank: 22842
71 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1 pushengage.com
clientcdn.pushengage.com — Cisco Umbrella Rank: 16157
21 KB
1 epoch.cloud
services.epoch.cloud — Cisco Umbrella Rank: 82852
2 KB
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1512
408 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2428
232 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1442
379 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
220 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 474
683 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1893
349 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2333
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1419
307 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 481
430 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 622
98 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
707 B
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 42175
652 B
1 amazonaws.com
s3-us-west-2.amazonaws.com
30 KB
1 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2630
104 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1017
533 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 487
355 B
1 t.co
t.co — Cisco Umbrella Rank: 435
337 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 610
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
38 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 2781
135 KB
0 alocdn.com Failed
p.alocdn.com Failed
239 52
Domain Requested by
21 www.ntd.com www.ntd.com
19 img.ntd.com www.ntd.com
15 dsum-sec.casalemedia.com 4 redirects r.casalemedia.com
12 ib.adnxs.com www.ntd.com
acdn.adnxs.com
11 cm.g.doubleclick.net 5 redirects www.ntd.com
r.casalemedia.com
10 subs.youmaker.com www.ntd.com
subs.youmaker.com
8 s.amazon-adsystem.com 4 redirects r.casalemedia.com
8 onetag-sys.com www.ntd.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.ntd.com
7 comment.youmaker.com www.ntd.com
comment.youmaker.com
7 c.amazon-adsystem.com www.ntd.com
c.amazon-adsystem.com
6 jadserve.postrelease.com s.ntv.io
www.ntd.com
5 token.rubiconproject.com 5 redirects
5 match.adsrvr.org www.ntd.com
r.casalemedia.com
5 a.clickcertain.com 2 redirects www.ntd.com
a.remarketstats.com
a.clickcertain.com
5 prebid.adnxs.com www.ntd.com
4 cdn.indexww.com r.casalemedia.com
4 r.casalemedia.com js-sec.indexww.com
4 ssum-sec.casalemedia.com 4 redirects
4 acdn.adnxs.com www.ntd.com
4 js-sec.indexww.com www.ntd.com
4 exchange.postrelease.com www.ntd.com
4 htlb.casalemedia.com www.ntd.com
4 fastlane.rubiconproject.com www.ntd.com
4 stat.media mixi.media
stat.media
4 www.gstatic.com www.google.com
www.gstatic.com
4 ea.youmaker.com subs.youmaker.com
4 www.google.com www.ntd.com
www.gstatic.com
www.google.com
3 mixi.media www.ntd.com
static.mixi.media
3 fonts.gstatic.com www.ntd.com
www.google.com
2 pixel.tapad.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel-sync.sitescout.com r.casalemedia.com
2 csync.loopme.me 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects r.casalemedia.com
2 pixel.rubiconproject.com www.ntd.com
2 eus.rubiconproject.com www.ntd.com
eus.rubiconproject.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
2 static3.mixi.media www.ntd.com
2 static.mixi.media mixi.media
www.ntd.com
2 sb.scorecardresearch.com www.ntd.com
2 www.googletagservices.com www.ntd.com
securepubads.g.doubleclick.net
2 js.chargebee.com subs.youmaker.com
js.chargebee.com
2 www.google-analytics.com www.ntd.com
www.google-analytics.com
1 idx.liadm.com b-code.liadm.com
1 clientcdn.pushengage.com www.ntd.com
1 services.epoch.cloud www.ntd.com
1 cm.adgrx.com r.casalemedia.com
1 nep.advangelists.com 1 redirects
1 dpm.demdex.net r.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 x.bidswitch.net r.casalemedia.com
1 sync.mathtag.com 1 redirects
1 dsum.casalemedia.com r.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ad4m.at r.casalemedia.com
1 sync.adotmob.com 1 redirects
1 match.prod.bidr.io r.casalemedia.com
1 ads.yahoo.com www.ntd.com
1 id.rlcdn.com www.ntd.com
1 px.ads.linkedin.com www.ntd.com
1 rp4.liadm.com www.ntd.com
1 rp.liadm.com 1 redirects
1 b-code.liadm.com s3-us-west-2.amazonaws.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 a.remarketstats.com 1 redirects
1 s3-us-west-2.amazonaws.com www.ntd.com
1 prebid-match.dotomi.com www.ntd.com
1 static5.mixi.media www.ntd.com
1 static7.mixi.media www.ntd.com
1 static2.mixi.media www.ntd.com
1 static4.mixi.media www.ntd.com
1 sync.go.sonobi.com www.ntd.com
1 767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 target.mixi.media www.ntd.com
1 www.google.de www.ntd.com
1 analytics.twitter.com www.ntd.com
1 t.co www.ntd.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sc.youmaker.com www.ntd.com
1 static.ads-twitter.com www.ntd.com
1 www.googletagmanager.com www.ntd.com
1 s.ntv.io www.ntd.com
1 mb.ntd.com 1 redirects
0 p.alocdn.com Failed www.ntd.com
239 87

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
Subject Issuer Validity Valid
*.ntd.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-11 -
2022-09-11		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.youmaker.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-06-23		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
js.chargebee.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
mixi.media
R3		 2022-06-22 -
2022-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
static.mixi.media
R3		 2022-06-22 -
2022-09-20		 3 months crt.sh
stat.media
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
target.mixi.media
R3		 2022-06-22 -
2022-09-20		 3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.liadm.com
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.pushengage.com
Amazon		 2022-02-18 -
2023-03-17		 a year crt.sh

This page contains 23 frames:

Primary Page: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Frame ID: 39417D8085269A30938E1E18806ABC1A
Requests: 150 HTTP requests in this frame

Frame: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ4NDclMkMlMjJsb25naXR1ZGUlMjIlM0E3LjE0NzclN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
Frame ID: B000E15B1682175C7FBED642F6591897
Requests: 2 HTTP requests in this frame

Frame: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&url_id=817379&page_title=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Frame ID: A6F2FA53956045F03093D2AB69855EB9
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Frame ID: B47370D2BF5AAD4232B02E866A2B64A6
Requests: 7 HTTP requests in this frame

Frame: https://767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E518825007AC397F051808E65285E975
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BE2344C30EACB7ADC8A7C6EB6536D2BE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A5BFD404B3AA8100B2DFC499B941E52D
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 30D0AAC740F32B73B842E55D0E939477
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 56A4F6FCD0FBDE882A4742A1B4401939
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659290289611
Frame ID: 3A2DF8FB6F975DD19D01911778A419C7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A53246FCD1D0B3EEF9AE3D668C9E4CB2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659290289610
Frame ID: B990D8416E360F590501567DF972C979
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2B8CA25569237F756D5A9F6066BF7FA1
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659290289610
Frame ID: A67F22DF48841496E6FCB4985221D550
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F3BF2D157AD8E8B47D9957B378FB39B2
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1659290289610
Frame ID: 22204F39264B8C247CF0034007E34C21
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AE709BF0C9A164053554017F76D34EC5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5031C7F89F0792D21D4E08E458146ECD
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E04C0BAFEA0CB5DAFEF89C963323FE40
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3777A5838D7DBAA8726A97109605E155
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1D813F298CB1561615808A2DDE9C8CD0
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0F3A47ABDA6A5F013941BF39178E5849
Requests: 10 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&cn=DE
Frame ID: 735B5176552ACF3F3F6E0FB88F93CFCD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mb.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817... HTTP 301
    https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.chargebee\.com/v([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

239
Requests

88 %
HTTPS

35 %
IPv6

52
Domains

87
Subdomains

64
IPs

11
Countries

5524 kB
Transfer

7958 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mb.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html HTTP 301
    https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152
  • https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html HTTP 302
  • https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html HTTP 302
  • https://a.clickcertain.com/px/?c=2455d1796b86efb
Request Chain 159
  • https://rp.liadm.com/j?dtstmp=1659290291291&se=e30&duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&wpn=lc-bundle HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1659290291291&se=e30&duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&wpn=lc-bundle&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3pc=true
Request Chain 175
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 176
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 177
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 178
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 184
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L69MLHHY-X-EO8E
Request Chain 185
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5TUxISFktWC1FTzhF
Request Chain 186
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmVhZjBjMDUxZDAzZjA0NmIzNzZjZGEwYTJiYzkxNGQ0MWU0Mzg2Yg
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENvOEFrNJZ0BP6VJGiyjiM8&google_cver=1
Request Chain 189
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L69MLHHY-X-EO8E&sigv=1&esig=2~58afa88baf36411284d4874d0a74400fc2bf33c4
Request Chain 190
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/J8_DSa59v6f0eg1a7mWmSA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4901719269183188275
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCsykUVC124P6Xnmvv5gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Request Chain 193
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
Request Chain 196
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 198
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=de2f94de-5f47-139a-3e5ec8a5
Request Chain 200
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCs9xz-AXJnRKkdhuf-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Request Chain 202
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs_MFPusveI6-SA_KKAAABLwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs_MFPusveI6-SA_KKAAABLwAAAIB&dcc=t
Request Chain 204
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d0fa62e6-c2b5-4a00-ae84-e475b691bd25&gdpr=1&gdpr_consent=
Request Chain 206
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a87ff975-c2be-4ebb-8001-5eba1080238f&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 211
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCsykUVC124P6Xnmvv5gAABL4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCsykUVC124P6Xnmvv5gAABL4AAAAB&dcc=t
Request Chain 212
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCs9xz-AXJnRKkdhuf-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Request Chain 213
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 214
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=280b4380-d26c-4909-9f8e-13205fd581ac&expiration=1690826292
Request Chain 216
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e3168eca-f514-464e-b5ec-562c690c0898
Request Chain 220
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCs9xz-AXJnRKkdhuf-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Request Chain 221
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
Request Chain 223
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=21650ed4-a2a9-419d-9f61-c4f112547f38&us_privacy=null&gdpr_consent=null&gdpr=1
Request Chain 234
  • https://a.clickcertain.com/px/ta/?ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=7b010469-6568-4a05-be86-8f716250b61c
Request Chain 235
  • https://a.clickcertain.com/px/r/?ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d957ec4fb%25252d5e24%25252d4bfe%25252da91f%25252db47ac28c149b%252526anx_uId%25253d%252524UID HTTP 303
  • https://a.clickcertain.com/px/li/?ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redir%3dhttps%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526ccid%253d957ec4fb%252d5e24%252d4bfe%252da91f%252db47ac28c149b%2526anx_uId%253d%2524UID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d957ec4fb%2d5e24%2d4bfe%2da91f%2db47ac28c149b%26anx_uId%3d%24UID HTTP 302
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D957ec4fb%2D5e24%2D4bfe%2Da91f%2Db47ac28c149b%26anx_uId%3D%24UID&google_gid=CAESEAi1bPg5Muo40h72QBV4qgs&google_cver=1 HTTP 302
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&anx_uId=$UID HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&anx_uId=1166561399691301704

239 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
www.ntd.com/
Redirect Chain
  • https://mb.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
  • https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
42 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
686a89419fb387c08e4e99fc59d73a18f26b1b98a7f19b8915dcfe6b8392a7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=231
content-encoding
gzip
content-length
11191
content-type
text/html; charset=UTF-8
date
Sun, 31 Jul 2022 17:58:08 GMT
server
nginx/1.20.1
x-cache-status
MISS
x-content-type-options
nosniff
x-device
desktop
x-hw
1659290288.cds282.fr8.hn,1659290288.cds270.fr8.c
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
cache-control
max-age=0
content-length
0
date
Sun, 31 Jul 2022 17:58:08 GMT
location
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
x-hw
1659290288.cds282.fr8.hn,1659290288.cds002.fr8.c
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 31 Jul 2022 17:52:32 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 20:51:38 GMT
server
AmazonS3
age
337
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA6-C1, FRA56-P6
x-amz-cf-id
4OVqEHsxGs0YkgM_-Ph2cpWp-G-ffRCK9NqkkbkRTB-kGtCnccziDA==
prebid.js
www.ntd.com/assets/themes/m-ntd/js/ads/ 		275 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 01 Jun 2022 18:28:07 GMT
server
nginx/1.20.1
x-microcachable
0
etag
W/"6297afb7-44d5b"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds139.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
102353
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
template.css
subs.youmaker.com/lib/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/template.css?ver=20210318
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
c84e3c10e7e6872f1565ed0fcbd34d0e90926ed48b46a882d66f3f81ac40b26d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
via
1.1 google
last-modified
Wed, 27 Jul 2022 21:58:52 GMT
server
nginx/1.20.1
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3277
style.css
www.ntd.com/assets/themes/ntd/ 		2 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 14:57:36 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"5c8a6be0-6aa"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds145.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
859
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
global.css
www.ntd.com/assets/themes/ntd/css/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Nov 2021 15:39:08 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"61a4f41c-63d3"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds274.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
6600
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
genericons.css
www.ntd.com/assets/themes/ntd/css/genericons/ 		41 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 21:24:00 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"6089d270-a2da"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds124.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
26471
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
single.css
www.ntd.com/assets/themes/ntd/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e7cee0a0eb35e96c9a23a587db0ae9e57a4d440d42ce34a686dbeb5c3b9ee3d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 26 Mar 2022 17:23:01 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"623f4bf5-3dea"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds151.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
4294
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
load.js
s.ntv.io/serve/ 		471 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
07fc9910e487dc47adf17cbac80967ff1ce6c539ac50d9bc0aa0d32d02450f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:08 GMT
Content-Encoding
gzip
x-amz-request-id
0C3WJ2MFQN1AA7M4
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
jCs9M4w0PxzI+WGhOeazf3BJQ7MEVK4PCrmcPD1FU6bGhQJDBUBVNJafeThx9D6BA5k4JrsM6QE=
Last-Modified
Tue, 26 Jul 2022 22:08:57 GMT
Server
AmazonS3
ETag
"693c8e05190af721e4017e94b9e64bed"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
LIVE_TV.png
www.ntd.com/assets/themes/ntd/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/LIVE_TV.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 18:53:29 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"617af1a9-615"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds008.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
1557
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
ntd_show_menu_ntd_evening_news.jpg
img.ntd.com/assets/uploads/2021/02/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/02/ntd_show_menu_ntd_evening_news.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Tue, 02 Feb 2021 20:05:39 GMT
server
nginx/1.12.2
etag
"6019b093-ffc1"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds238.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
65473
ChinaInFocus-412x222-20220411.jpg
img.ntd.com/assets/uploads/2022/04/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/04/ChinaInFocus-412x222-20220411.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
854618e81eb4673bce5dd08f3f5711621bc6364e51f3a3b1de6eec0e8f943ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Tue, 12 Apr 2022 01:58:08 GMT
server
nginx/1.12.2
etag
"6254dcb0-dbe5"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds150.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
56293
NTD-Good-Morning-412x222.jpg
img.ntd.com/assets/uploads/2022/07/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/NTD-Good-Morning-412x222.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
09a844ff5ec0824771ea4f9fe9599a2aa92a2e6c41bc5aefa9fea5e196e30dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sun, 31 Jul 2022 04:37:10 GMT
server
nginx/1.20.1
etag
"62e606f6-24c83"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds273.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150659
Fresh-Look-America-412-222.jpg
img.ntd.com/assets/uploads/2022/07/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/Fresh-Look-America-412-222.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e4328db66139f0cb514c6b497dacd62b839692dbe739980c3d9b9934e816938f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Tue, 05 Jul 2022 15:12:10 GMT
server
nginx/1.20.1
etag
"62c454ca-f0da"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds209.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61658
Capitol-Report-412_222.jpg
img.ntd.com/assets/uploads/2021/09/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/09/Capitol-Report-412_222.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sat, 25 Sep 2021 15:44:11 GMT
server
nginx/1.12.2
etag
"614f43cb-f36a"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds156.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
62314
95053e83b9351098938db8f28bdb1ba3.jpg
img.ntd.com/assets/uploads/2022/01/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/01/95053e83b9351098938db8f28bdb1ba3.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Thu, 27 Jan 2022 03:43:28 GMT
server
nginx/1.20.1
etag
"61f214e0-19f08"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds144.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
106248
Wide-Angle-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/04/Wide-Angle-NTD-412x222.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Mon, 05 Apr 2021 04:06:40 GMT
server
nginx/1.12.2
etag
"606a8cd0-24c4a"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds013.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150602
The-Beau-Show-NTD-412x222.png
img.ntd.com/assets/uploads/2021/04/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/04/The-Beau-Show-NTD-412x222.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Mon, 05 Apr 2021 04:06:27 GMT
server
nginx/1.20.1
etag
"606a8cc3-248d6"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds229.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
149718
eat-better-412_222-final.jpg
img.ntd.com/assets/uploads/2021/09/ 		640 KB
640 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/09/eat-better-412_222-final.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f81fafb66225e1363d488149050f651f1a51501deda76278b4911e90d85c4ff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sat, 25 Sep 2021 02:57:11 GMT
server
nginx/1.20.1
etag
"614e9007-9fe0a"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds270.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
654858
banana-boat--900x506.jpg
img.ntd.com/assets/uploads/2022/07/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/banana-boat--900x506.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
18e668aadd22fe3cd1c6d36b877a8acfe504eb5f560a52981c876f6c1117d718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sun, 31 Jul 2022 11:20:16 GMT
server
nginx/1.20.1
etag
"62e66570-b4c3"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds270.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
46275
watch_ntd_on.png
www.ntd.com/assets/themes/ntd/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/watch_ntd_on.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Nov 2021 22:32:45 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"6192e00d-50f6"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds279.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
20726
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
watch_ntd_row1-2.png
img.ntd.com/assets/uploads/2021/11/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row1-2.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Mon, 15 Nov 2021 20:41:36 GMT
server
nginx/1.12.2
etag
"6192c600-fe6b"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds240.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
65131
watch_ntd_row2-2.png
img.ntd.com/assets/uploads/2021/11/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/11/watch_ntd_row2-2.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Mon, 28 Mar 2022 20:40:33 GMT
server
nginx/1.20.1
etag
"62421d41-172a7"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds123.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
94887
girl-and-dog-270x152.jpg
img.ntd.com/assets/uploads/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/girl-and-dog-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
db09c249b269044d9d7958f1c465546e8f7586f321bdb1b89a2ce19a682c0f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sat, 30 Jul 2022 19:52:28 GMT
server
nginx/1.20.1
etag
"62e58bfc-2bc4"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds135.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11204
Mega-Jackpot-lottery-270x152.jpg
img.ntd.com/assets/uploads/2019/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2019/08/Mega-Jackpot-lottery-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
5225a7b46a4bb5b6b870d3a0056b36c62cf19bee42e2fc9c3d5957d8fbac3666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Tue, 27 Aug 2019 14:50:06 GMT
server
nginx/1.20.1
etag
"5d65431e-2256"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds052.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8790
mega-million-jackpot-270x152.jpg
img.ntd.com/assets/uploads/2022/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/mega-million-jackpot-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d442738e26dbda3bd17b78c2d1371d7572023189cce795d13359a3a337aff8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sat, 30 Jul 2022 13:45:47 GMT
server
nginx/1.20.1
etag
"62e5360b-3050"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds247.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12368
emergency-landing-270x152.jpg
img.ntd.com/assets/uploads/2022/07/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/emergency-landing-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e63f8356e282400d9814a366eee07301b2240b4786c519cd01b175f84e65a681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sat, 30 Jul 2022 20:12:04 GMT
server
nginx/1.20.1
etag
"62e59094-4fc8"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds207.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20424
Police-tape-270x152.jpg
img.ntd.com/assets/uploads/2022/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/06/Police-tape-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
60cf40736d32e7a75a0e4c6fe3c24f635a13c6f8a5683bbdaeb300d6c67ede9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Tue, 07 Jun 2022 15:19:53 GMT
server
nginx/1.20.1
etag
"629f6c99-23ba"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds131.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9146
Shakira-GettyImages-1397576472-270x152.jpg
img.ntd.com/assets/uploads/2022/07/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2022/07/Shakira-GettyImages-1397576472-270x152.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
208d099c55bdc5dc02ccd45cfe09acac24654a187bcfe0abd67e843ebfdb7054

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Sat, 30 Jul 2022 03:24:21 GMT
server
nginx/1.20.1
etag
"62e4a465-3db1"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds103.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15793
white.png
www.ntd.com/assets/themes/ntd/images/ 		95 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/white.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 14:57:36 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"5c8a6be0-5f"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds127.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
95
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
footer-2_949x356.jpg
img.ntd.com/assets/uploads/2021/02/ 		349 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ntd.com/assets/uploads/2021/02/footer-2_949x356.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
last-modified
Wed, 03 Feb 2021 22:50:49 GMT
server
nginx/1.12.2
etag
"601b28c9-573d6"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds007.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
357334
jquery-all.min.js
www.ntd.com/assets/themes/ntd/js/ 		98 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Mar 2019 14:57:36 GMT
server
nginx/1.12.2
x-microcachable
0
etag
W/"5c8a6be0-188ff"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds267.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
40721
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
bottom.js
www.ntd.com/assets/themes/ntd/js/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7e842ae6e9fc0ea12a6e5750d1ac7138df0084feebe6e52d1193322fb159301e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jun 2022 17:38:27 GMT
server
nginx/1.20.1
x-microcachable
0
etag
W/"629e3b93-9bdb"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds165.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
12950
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
api.bundle.js
subs.youmaker.com/lib/ 		215 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
6e93a39945714c778e1e805fc046c7b3e60656af8b0406ec8ac88a1657234f50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
via
1.1 google
last-modified
Wed, 27 Jul 2022 21:58:52 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219869
article_ads.js
www.ntd.com/assets/themes/ntd/js/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20220603
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
14c26d5c4c6a357680c3b4d989c7921c961471bae1453e1b14e5fbb0efa06c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 04 Jun 2022 18:06:13 GMT
server
nginx/1.20.1
x-microcachable
0
etag
W/"629b9f15-741b"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds159.fr8.c
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
content-length
8184
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
print.css
www.ntd.com/assets/themes/ntd/css/ 		532 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/css/print.css?ver=20200706
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 18:35:54 GMT
server
nginx/1.12.2
etag
W/"5f036f0a-214"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds245.fr8.c
content-type
text/css
cache-control
max-age=1800
content-length
320
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
57494
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 01:59:55 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
sfqmLzdxMzhObdamNZkN2R-YJMs-caEsYWgeIpwhb3AsqUdXtAyHVQ==
gtm.js
www.googletagmanager.com/ 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95a9957936dcf795ce88de80e750d8aa0788a7f47a7913e3a0b7c6a582c1fffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38522
x-xss-protection
0
last-modified
Sun, 31 Jul 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Jul 2022 17:58:08 GMT
NTDLogo.svg
www.ntd.com/assets/themes/ntd/images/ 		660 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/NTDLogo.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Nov 2021 15:31:27 GMT
server
nginx/1.12.2
etag
"618e88cf-294"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds263.fr8.c
content-type
image/svg+xml
cache-control
max-age=315360000
content-length
428
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Medium.otf
www.ntd.com/assets/themes/ntd/fonts/ 		118 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Medium.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin
https://www.ntd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-1d9d8"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds012.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
121304
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Bold.otf
www.ntd.com/assets/themes/ntd/fonts/ 		122 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Bold.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin
https://www.ntd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-1e6ec"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds101.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
124652
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5

Request headers

Referer
Origin
https://www.ntd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
header-handshake.png
www.ntd.com/assets/themes/ntd/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/header-handshake.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 20:32:31 GMT
server
nginx/1.12.2
etag
"606f685f-61d"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds272.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
1565
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3368
date
Sun, 31 Jul 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 31 Jul 2022 19:02:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 21:38:45 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kiad7000171-IAD, cache-hhn11550-HHN
chargebee.js
js.chargebee.com/v2/ 		221 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-75.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
864eec96b8b3b3499c98c64719ba89eddbc9e1aec531edb945e3d447584f9938
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
5Ots70XKmmyksSCyVo_3wkdRAxtt8o.B
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 19 Jul 2022 07:18:03 GMT
server
AmazonS3
age
23
etag
W/"dd7b597208477adb453464eced0a4ee2"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Sun, 31 Jul 2022 17:57:51 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tQc9gIlH7sjon8tqt2SGm_rNRCvEAyTn5RpBE6BK2cxlO4TpoeHIaw==
geo
subs.youmaker.com/rules/ 		116 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/geo
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
296f07f7e7ba1614b6e69047950cc4b69c14bc1b7af8ae685c493da6e9dd2e69

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20220603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e432b5ad48c1acacf7359218e84c15a30768307b293f70b50a2b2891c312733c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28387
x-xss-protection
0
server
sffe
etag
"1290 / 59 of 1000 / last-modified: 1659132299"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Jul 2022 17:58:09 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 12:47:11 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
age
18657
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.ntd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
tFBL_-i108L2igu0LCZq9se9I2ATlrwg8Fho-fjUirL0-2knudKvSQ==
NTD_logo.png
www.ntd.com/assets/themes/ntd/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 19:44:39 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"5ed94f27-f46"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds214.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
3910
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
footer-app-logo.png
www.ntd.com/assets/themes/ntd/images/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/footer-app-logo.png
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 20:32:31 GMT
server
nginx/1.12.2
x-microcachable
0
etag
"606f685f-122fe"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds219.fr8.c
content-type
image/png
cache-control
max-age=315360000
content-length
74494
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
RingsideCondensed-Semibold.otf
www.ntd.com/assets/themes/ntd/fonts/ 		123 KB
123 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.ntd.com/assets/themes/ntd/fonts/RingsideCondensed-Semibold.otf
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Origin
https://www.ntd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 06 Jul 2020 17:40:24 GMT
server
nginx/1.12.2
etag
"5f036208-1eb2c"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds232.fr8.c
content-type
application/octet-stream
cache-control
max-age=315360000
content-length
125740
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/global.css?ver=202111291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 06:06:18 GMT
x-content-type-options
nosniff
age
215511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 06:06:18 GMT
geo
subs.youmaker.com/rules/ 		116 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/geo?siteid=www.ntd.com
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
296f07f7e7ba1614b6e69047950cc4b69c14bc1b7af8ae685c493da6e9dd2e69

Request headers

Accept
*/*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
count
sc.youmaker.com/site/article/ 		140 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sc.youmaker.com/site/article/count?site=www.ntd.com&user=9db934bc-bd44-24af-dc9c-7253fb5f5007&postid=817379
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.97.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.97.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9bed17cf3af8c3da50b3382bdb07d355e5603a8e1c52b93650fdb11902e444eb

Request headers

Accept
*/*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
server
nginx/1.20.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
content-type
application/json;charset=UTF-8
nest_newsletter_cif.jpg
www.ntd.com/assets/themes/ntd/images/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ntd.com/assets/themes/ntd/images/nest_newsletter_cif.jpg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/assets/themes/ntd/css/single.css?ver=20220324
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 31 Aug 2021 14:03:31 GMT
server
nginx/1.12.2
etag
"612e36b3-1de33"
x-hw
1659290288.cds282.fr8.hn,1659290288.cds205.fr8.c
content-type
image/jpeg
cache-control
max-age=315360000
content-length
122419
accept-ranges
bytes
x-device
desktop
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2588c50b9c41fe70411e569c25b59fbfa6c17909a9e5e900b8638145a312fd71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Sun, 31 Jul 2022 17:58:09 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=968597409&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&dp=%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&ul=en-us&de=UTF-8&dt=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1504662923&gjid=2069906998&cid=1323838124.1659290289&tid=UA-128455718-1&_gid=668070684.1659290289&_r=1&_slc=1&cd1=9&cd2=112&cd3=%3Bbusiness-5986%3Bnews-8%3Bus-9%3B&cd4=%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd5=%3Bbusiness-5986%3Bnews-8%3Bus-9%3Bfrnt_category_headings-6048%3Bfrnt_latest-6043%3Bfrnt_original_articles-12413%3Bfrnt_top_stories-6042%3B&cd21=817379&cd22=mimi-nguyen-ly&cd23=Mimi%20Nguyen%20Ly&cd26=US&cd28=%3BBusiness%3BNews%3BUS%3B&cd29=%3Bbanana%20boat%3Brecall%3Bcancer-causing%3B&cd30=20220731&cd31=20220731&cd33=368&cd38=112&cd42=%3Bbanana-boat%3Brecall%3Bcancer-causing%3B&cd43=post&z=583536357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 06:31:01 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
41229
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
CCWOPLJfdVmrZKDQvcD12zPEG5SN6B6B13jj0lAqrwbKXNy7OQ-6Dg==
embed.js
comment.youmaker.com/web/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/embed.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
last-modified
Sat, 23 Jul 2022 15:56:39 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7637
app-version
0.1.2
counter.js
comment.youmaker.com/web/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/counter.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
last-modified
Sat, 23 Jul 2022 15:56:39 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2305
app-version
0.1.2
get
subs.youmaker.com/template/ 		165 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/get?tid=signin&sid=www.ntd.com
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
get
subs.youmaker.com/rules/ 		14 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/rules/get?sid=www.ntd.com&pid=cb2269f6-6646-4b96-b401-bbe360214e59
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
c
ea.youmaker.com/api/pw/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Queens, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ntd.com
date
Sun, 31 Jul 2022 17:58:10 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
t
jadserve.postrelease.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
404e0b0c9796d977edd59106119d0ff0c6da4ca6a8c51e2f2b1986049846268c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1151
expires
Mon, 1 Jan 1990 12:00:00 GMT
c
ea.youmaker.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Queens, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ntd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.20.1
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128455718-1&cid=1323838124.1659290289&jid=1504662923&gjid=2069906998&_gid=668070684.1659290289&_u=YEBAAEAAAAAAAC~&z=1836920479
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 31 Jul 2022 17:58:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show
subs.youmaker.com/template/ Frame B000 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ4NDclMkMlMjJsb25naXR1ZGUlMjIlM0E3LjE0NzclN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
auth
subs.youmaker.com/subs/ 		40 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&nid=2200&subscribed=
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
auth
subs.youmaker.com/subs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/subs/auth?siteid=www.ntd.com&planid=cb2269f6-6646-4b96-b401-bbe360214e59&nid=2200&subscribed=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ntd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Rendora-Type
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.ntd.com
allow
GET, POST, PUT, DELETE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.20.1
via
1.1 google
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b3&cv=3.8.0.210223&ns__t=1659290289226&ns_c=UTF-8&c7=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&c8=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&c9=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
eXKmQlUuSOVSZxeeHiNe7faWvMzAu4r8FcTA4ICQk1S84aL3E1QqNg==
x-cache
Miss from cloudfront
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=39ddaaf2-a254-46f2-a3f9-1a00bb030d25&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab95b7d8-9cdd-4053-9480-4ec53fb58938&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyi8c&type=javascript&version=2.4.15
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
109
date
Sun, 31 Jul 2022 17:58:08 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
d4e72d8fa61514b99a973e7209a096ce2be7dc8c1792d3ffbbc29dab2031f279
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=39ddaaf2-a254-46f2-a3f9-1a00bb030d25&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab95b7d8-9cdd-4053-9480-4ec53fb58938&tw_document_href=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyi8c&type=javascript&version=2.4.15
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
105
date
Sun, 31 Jul 2022 17:58:08 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
e9681a5d75a5af12bfe071a985356ec4fa0402ce3bccb4bb4f774f9ff67bcc29
content-length
43
97-79f00736cc0d1881e9df.js
js.chargebee.com/v2/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.chargebee.com/v2/97-79f00736cc0d1881e9df.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-75.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4064205ee8ddf8b3f26a380124a201ffef40512041ffef8ed31ce676ebedfe46
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
tUS2AZ_RNjA5uNCLm.lljVQBygmWNxuV
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 19 Jul 2022 07:18:03 GMT
server
AmazonS3
age
41
etag
W/"4c47a66996dead8abcf0a34af0d420ad"
strict-transport-security
max-age=300; includeSubdomains; preload
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
max-age=300,public
date
Sun, 31 Jul 2022 17:57:29 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
coUE9tI4Y1uQv-7M90vgTg4OfwBcAb5X_AK4fhwqKsS7JqEy-NrhuA==
95162.js
mixi.media/data/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mixi.media/data/js/95162.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20220606
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
67089776eb48907fb7f72377e74e71d868853ae28310600f11bc473ba65d8e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Content-Encoding
gzip
Last-Modified
Sunday, 31-Jul-2022 17:58:09 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ 		381 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Origin
https://www.ntd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154709
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 17:02:27 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4068061&ntv_pl=1164748
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=2c357016-96cf-421e-9415-3c9c06a84267&ntv_fl=EYH3iMOdbf20C_n4ku6A3wwTL9oMmpwUnkiYOJ69D3awpMxzmDJ_-7CFSSjAJUoSJzkqvQ9hkMWCR4WyCI2fm7H8r0SCqmwX6wzL9d2WT7Po6wiDMZV6PcaQ_HhEIzHlIV_RqdO2bkLvhav-mmx4MbgZgysMzWtAMnx2aZqJieOavy_m07ZV5_haYGYDcKWzp-mhlKZRoloHPA7LDRQz14iOf-qZBXpPbhJnTxj3n0neVNLLnpAEB5cARlvW96fUEpA3fVTCpRHNebQMs5QVdg==&ntv_ht=scLmYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAB8cRA&ord=1659290289259&ntv_it
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=453c951d-69ca-45a3-9f6a-c7d5710825b6&ntv_fl=PLjyRKDmYPlVfrSdyHSYropbZ_TbDhEcd8-J-KEzJ7K3LysSMc4uW-GGDM7TM9SCarqNnbFUBomZLbdeXmzoOZSfm5fBD-qX6MTpafaR3j6XPPwnOV1iH628D40YPmyu8aXoAcTJy6nHEvEktOMEXyTCKSALqj--z7K7UF_j5ulzE_tnIBPx6LY37FhxvFmfuFKwW3cqXWZc_7A7f6BTw3eEnGSzuG2Q8DRHfLfYQT5WrmEvCgDOo-qE8lpjfk0VMOaKKRQbx-e4oJxYLO7KGw==&ntv_ht=scLmYgA&ntv_at=303&ntv_a=AAAAAAAAAAzMURA&ord=1659290289260&ntv_it
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=453c951d-69ca-45a3-9f6a-c7d5710825b6&ntv_fl=PLjyRKDmYPlVfrSdyHSYropbZ_TbDhEcd8-J-KEzJ7K3LysSMc4uW-GGDM7TM9SCarqNnbFUBomZLbdeXmzoOZSfm5fBD-qX6MTpafaR3j6XPPwnOV1iH628D40YPmyu8aXoAcTJy6nHEvEktOMEXyTCKSALqj--z7K7UF_j5ulzE_tnIBPx6LY37FhxvFmfuFKwW3cqXWZc_7A7f6BTw3eEnGSzuG2Q8DRHfLfYQT5WrmEvCgDOo-qE8lpjfk0VMOaKKRQbx-e4oJxYLO7KGw==&ntv_ht=scLmYgA&ntv_at=323&ntv_a=AAAAAAAAAAzMURA&ntv_jtr=2&ntv_it
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1165063&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.230.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-230-96.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=1323838124.1659290289&jid=1504662923&_u=YEBAAEAAAAAAAC~&z=3922220
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-128455718-1&cid=1323838124.1659290289&jid=1504662923&_u=YEBAAEAAAAAAAC~&z=3922220
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022072102.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131883
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 17:43:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jul 2023 17:24:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		239 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ntd.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c6547b2a8866e61b15cfcefb2ddb03aebe0ce6dd03d9bcbb66b4bb4901407311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sun, 31 Jul 2022 17:58:09 GMT
counts
comment.youmaker.com/api/v1/ 		198 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/counter.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
27589c7e170c9aa0228a9973613c41eb4e58c3942614a89cd1019462c1914a6f

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
pragma
no-cache
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ntd.com
expires
Thu, 01 Jan 1970 00:00:00 UTC
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
app-version
0.1.2
iframe.html
comment.youmaker.com/web/ Frame A6F2 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&url_id=817379&page_title=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
0011a11726bf0bbfcf1f2f4406071b3ee90f4b231f1aec792c9c4cb6ab5e90fe

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
content-length
4209
content-type
text/html; charset=utf-8
date
Sun, 31 Jul 2022 17:58:09 GMT
last-modified
Sat, 23 Jul 2022 15:56:39 GMT
server
nginx/1.20.1
via
1.1 google
x-robots-tag
noindex
anchor
www.google.com/recaptcha/api2/ Frame B473 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
345463ceee58851a53c4a5b3e6c85dcab8abb53c23a85bea3eaf3087d0b7eb4f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YIThpfJ4rHfdVfQ7JzcwWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22207
content-security-policy
script-src 'report-sample' 'nonce-YIThpfJ4rHfdVfQ7JzcwWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 17:58:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jsapi.v5.12.0.en_US.js
static.mixi.media/static/jsapi/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Mar 2022 07:51:02 GMT
Server
nginx
ETag
W/"62455d66-3eabf"
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp2.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Mon, 30 Sep 2019 14:11:01 GMT
Server
nginx
ETag
"5d920cf5-1849"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6217
/
target.mixi.media/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.mixi.media/init/?blockid=95162&siteid=49639&bw=1600&bh=1200&rnd=3670752754302
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Target-Version
2
Date
Sun, 31 Jul 2022 17:58:09 GMT
X-Target-Final
20220731205809-0
Server
nginx
X-Target-Host
target2-1.ssel23
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00043
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Sun, 31 Jul 2022 17:58:08 GMT
counts
comment.youmaker.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/api/v1/counts?site=www.ntd.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ntd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.ntd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
app-name
remark
app-version
0.1.2
author
EMG
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
0
date
Sun, 31 Jul 2022 17:58:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
server
nginx/1.20.1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 google
x-robots-tag
noindex
userId.bundle.js
subs.youmaker.com/lib/ Frame B000 		199 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subs.youmaker.com/lib/userId.bundle.js
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ4NDclMkMlMjJsb25naXR1ZGUlMjIlM0E3LjE0NzclN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.243.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.243.244.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
4722924fad75e0845ad71c0ab7525885b3c90fc524a07cbd08c059e9b2f145b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subs.youmaker.com/template/show?tid=signin&sid=www.ntd.com&v=1&ck=JTdCJTIyZXBvY2hfdXNlcl9pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Nlc3Npb25pZCUyMiUzQSUyMiUyMiUyQyUyMmVwb2NoX3Rva2VuJTIyJTNBJTIyJTIyJTJDJTIyZXBvY2hfc3Vic2NyaWJlZCUyMiUzQSUyMiUyMiU3RA==&pl=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&u=JTdCJTIyaW5mbyUyMiUzQSU3QiUyMmlkJTIyJTNBJTIyJTIyJTJDJTIyZW1haWwlMjIlM0ElMjIlMjIlMkMlMjJwaWN0dXJlJTIyJTNBJTIyJTIyJTJDJTIybmFtZSUyMiUzQSUyMiUyMiUyQyUyMmZpcnN0TmFtZSUyMiUzQSUyMiUyMiUyQyUyMmxhc3ROYW1lJTIyJTNBJTIyJTIyJTJDJTIycmVnaXN0ZXJEYXRlJTIyJTNBMCUyQyUyMmlzRW1haWxWZXJpZmllZCUyMiUzQWZhbHNlJTdEJTJDJTIyZ2VvJTIyJTNBJTdCJTIyY291bnRyeSUyMiUzQSUyMkRFJTIyJTJDJTIyY2l0eSUyMiUzQSUyMk5XJTIyJTJDJTIydGltZXpvbmUlMjIlM0ElMjJFdXJvcGUlMkZCZXJsaW4lMjIlMkMlMjJsYXRpdHVkZSUyMiUzQTUxLjQ4NDclMkMlMjJsb25naXR1ZGUlMjIlM0E3LjE0NzclN0QlMkMlMjJzdWJzY3JpcHRpb24lMjIlM0ElN0IlMjJzdWJzY3JpYmVkJTIyJTNBZmFsc2UlMkMlMjJwbGFuSWQlMjIlM0ElMjIlMjIlMkMlMjJleHBpcmF0aW9uJTIyJTNBMCUyQyUyMnN1YnNjcmlwdGlvblR5cGUlMjIlM0ElMjIlMjIlMkMlMjJzaXRlSWQlMjIlM0ElMjIlMjIlN0QlN0Q=&tn=ENTD%20-%20signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
last-modified
Wed, 27 Jul 2022 21:58:52 GMT
server
nginx/1.20.1
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203652
styles__ltr.css
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame B473 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 16:45:31 GMT
x-content-type-options
nosniff
age
177158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52582
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 16:45:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame B473 		381 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154709
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 17:02:27 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&pid=vTrlNJ8mTyBpU&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22article_top_ads_inner%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
Y59BGVCB7VC01H030HXE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Sg5F_bMSwDi38De6OPHX1FAULk2i8rsrjbwW4gNfDFr5NXUh8nj4Sw==
cookie_sync
prebid.adnxs.com/pbs/v1/ 		534 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3c15db5f59b3404361f68a830d61e28e37b6311ac3914e1d4f25793635c4568b

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		249 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
09651ad39778bdf875d95a74bd58f43043f8f1a21ee08f248b17dcd57adeace8

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.219.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
249
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a47482049590e8357eeaf428d366d9be61fa493356da94d508c1eb9cdbd692bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
56a054d8-689f-43b9-9be8-bbfa13b0518d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ntd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		588 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1409302&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.page=https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html&tg_i.domain=theepochtimes.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_header_728x90&tk_flint=pbjs_lite_v6.23.0&x_source.tid=decbac20-3e75-4140-b8b3-2a69590bbbe6&l_pb_bid_id=109fdd994f565f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_header_728x90&slots=1&rand=0.3518695950041184
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a7babd2fcaaab270d34bda21a67d72828ee8588deb2343beb8f4596039190357

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
588
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360717&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221151da92595f7af%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212aef72cc1e0818%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22360717%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_header_728x90%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a67b72c290c93389da4ac7869c0cd8b5592c47c63b6efccb2f86d44c80d4ab0

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIohVvnFBnFAQ%2BF2X%2BFVIyfzNQX5zsk%2BfG%2FBMV2OKnIUlxIt3u317NYX6MtcGTO7%2BDDCJaJ20e7uqJS%2BFXnHKWzFsTNyy5YyrGJN5Y25VkdX9Y8ZA1RYMulIyfMwvojY3qqk%2BB7I"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73383875d92892a7-FRA
expires
0
prebid
exchange.postrelease.com/ 		0
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1165175&ntv_pb_rid=15b7169a63a974c&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYXJ0aWNsZV90b3BfYWRzX2lubmVyIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjB9&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.61.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-61-45.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.ntd.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&pid=vTrlNJ8mTyBpU&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22first_in_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
DNHEEPY466P3W758Z3SM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
-5KJcYlKRDJfCod0mhu2y5gwHfcSihdPOXRh-eCEPgvrtaBLP9nEDQ==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		249 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d9bbbfdaa50913a1ff05a4320913fc373fea308140eeb4358ba64c0b6e35a756

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.219.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
249
Expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ntd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4599e2d8d62da18cf901cf586dd7ef85e5aae95e1332cade934964f52a42a9ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
27858509-0b9f-4fee-a4aa-0e2b471b8654
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		585 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.page=https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html&tg_i.domain=theepochtimes.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_inside_336_1&tk_flint=pbjs_lite_v6.23.0&x_source.tid=3990b5f1-4c4a-4a70-84df-6ad846b3ff87&l_pb_bid_id=264792f315a73a2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_inside_336_1&slots=1&rand=0.26547685919180863
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f80176d492ebfcfa398970bb192f2b4c402680ffb96d5ab7f3d82b091865d96

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
585
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
exchange.postrelease.com/ 		0
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1165180&ntv_pb_rid=27801e21a27ae44&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZmlyc3RfaW5fYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjAsImZpcnN0X2luX2FydGljbGVfYWRzIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.61.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-61-45.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.ntd.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360718&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22296041cc7c9d19b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230e2d0c8b9002b8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360718%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_inside_336_1%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8381f39e53ff782bb9ab1d21fa5a53c097fd19cf37c09e7cf141db98a6fc8636

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mF9pQ0jKTA%2F4VJF5fT8mnUiIy4dG45ovJrbLeLOy9dwuLDTQJ5hv3RvjuQJVGqxhS%2F%2Fk1Rd5rNfUHxth4iYVHUE4tD72B36ohczn%2BHA2Addx6RGw13UJcpkpDI6DBM4FLik15Ju"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73383875d92992a7-FRA
expires
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&pid=vTrlNJ8mTyBpU&cb=2&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
BS5A3YYE1TN8B38TQN4Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
Rus9PHte0ofVHuOKOyDm_x7PqubkX5Bfh84dNMbnHEhGhIssEypESw==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		249 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
02e4e516aff9c5c5364fb13f045d5b1b8e8ba29aadff878442c6d4197018edc5

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.219.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
249
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		586 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.page=https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html&tg_i.domain=theepochtimes.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=115e0e50-3b86-4295-b186-ffeb9f1193fd&l_pb_bid_id=379a394d83691f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.8148270769822197
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
572d8e9ab9fd904dbde518f5cee0a7e6256e45c57d1d3d45c8419b8a423cd3fb

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
586
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a792ac9f3c4d887c13275d1699b75d2cc8616a774dc2afbd315142da249a2ec6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8010fb3e-8eed-4984-8e26-0fe189d7467e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
exchange.postrelease.com/ 		0
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1165183&ntv_pb_rid=4085ffd92a3fe0a&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjAsImZpcnN0X2luX2FydGljbGVfYWRzIjowLCJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.61.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-61-45.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.ntd.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ntd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cygnus
htlb.casalemedia.com/ 		37 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224422e975dcf1e1b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245bd922b75aa10b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78bc2d2750be6b053a3a151669c47fed3142449eb4d6e6c4608cb11a0f8010df

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zx24rFXX2BgOFPz4Akxn%2B69r3dbb2orCnb9N6JCFJyF3FMnk3if%2BtnKQoTREn6Hx71bgm52mYpvcBrVCCdrcrnWepbIg0mDuuT75eugxTJqKNljY7owEuLew7bOEWthtsoTRmiuO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73383875d92a92a7-FRA
expires
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&pid=vTrlNJ8mTyBpU&cb=3&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22right_column_ad_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
75ANBE6E3QD3Q0FYYN74
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.ntd.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
bdVseJoxWX2-1mtbb0MfEKSip7EcMDKXJqHo6vSJ6nD9zDrwJVKHcw==
auction
prebid.adnxs.com/pbs/v1/openrtb2/ 		248 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
03b40e8e91ad965faeab1b90a80085cdc77fe945ee2682c835782d5af3011eb5

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.3
X-Prebid
pbs-go/0.219.0
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
248
Expires
0
prebid
exchange.postrelease.com/ 		0
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1165170&ntv_pb_rid=51881f57164970d&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoicmlnaHRfY29sdW1uX2FkXzAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19XX0=&ntv_dbr=eyJhcnRpY2xlX3RvcF9hZHNfaW5uZXIiOjAsImZpcnN0X2luX2FydGljbGVfYWRzIjowLCJiZWxvd19hcnRpY2xlX2FkcyI6MCwicmlnaHRfY29sdW1uX2FkXzAiOjB9&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.61.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-61-45.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.ntd.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bcc0818875baf4cc960baf1a1acacef9a4b2b3092da9d399e56ac8d56ab56dff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
df756f39-10e2-4646-b8b1-8228751a7fb4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360722&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22557863f463a3715%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html%22%2C%22domain%22%3A%22theepochtimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theepochtimes.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256d1a226733a0c3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22360722%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-4%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a3e3c6b0f243d13a585fd6e8713c4062939586b1c06f859bcb1c16c9272decf

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vS6IYcpLmhiYXw%2FMIN9uddkxxMdJXgkmajdvI75Q%2FhylOoirDoByXLXl4UYpCYNXpwT%2FeZW8FrxTYhX0zl5tCl1m1lNlBsAcgxYklGkGrSydzoq%2B8I7S5Cq5ST%2FfQDICtjXwoo8e"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73383875d92b92a7-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.ntd.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		574 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&tg_i.page=https%3A%2F%2Fwww.theepochtimes.com%2Fbanana-boat-sunscreen-recalled-nationwide-over-cancer-causing-chemical_4633168.html&tg_i.domain=theepochtimes.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-4&tk_flint=pbjs_lite_v6.23.0&x_source.tid=af156176-58bb-4b2a-af7c-64319b1cb0ae&l_pb_bid_id=61e10d0e4d0f3a1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-4&slots=1&rand=0.4727674370431114
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8bd68be74f43faa8e77269094d2396e377ed0477537673e3f1439f8b52cad640

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
574
Expires
Wed, 17 Sep 1975 21:32:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		665 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=12207654856390&correlator=2976353783728725&eid=31064682%2C31068589%2C31060890%2C31067826%2C31062931&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1600640090&sfv=1-0-38&ecs=20220731&fsapi=false&eri=1&cust_params=ENTD_category%3Dbusiness-5986%252Cnews-8%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie_enabled=1&abxe=1&dt=1659290289585&lmt=1659290289&dlt=1659290288319&idt=1198&adxs=290&adys=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&frm=20&vis=1&psz=767x1718&msz=647x0&fws=0&ohw=0&ga_vid=1323838124.1659290289&ga_sid=1659290290&ga_hid=968597409&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5398071fecc9961df5efa0c1c074fa401050328bd4f9575f302c86f922034805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
383
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E518 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 17:58:09 GMT
expires
Mon, 31 Jul 2023 17:58:09 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
jsapi
mixi.media/newdata/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mixi.media/newdata/jsapi?action=news
Requested by
Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
df6c2ea36d19df815f500fac864bfb1a990faaccb29098b0f565c200fae2464a

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Content-Encoding
gzip
Last-Modified
Sunday, 31-Jul-2022 17:58:09 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.ntd.com
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Node
ads5-3sser15
us.gif
sync.go.sonobi.com/ 		49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26consent_string%3D%26gdpr%3D%26uid%3D%5BUID%5D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-7-14
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B473 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
428301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 02 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B473 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 18:11:11 GMT
x-content-type-options
nosniff
age
172018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 18:11:11 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B473 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 14:26:11 GMT
x-content-type-options
nosniff
age
185518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 14:26:11 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B473 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=na1c7bir1jam
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 31 Jul 2022 17:58:09 GMT
10299734.jpeg
static4.mixi.media/img/400x300/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static4.mixi.media/img/400x300/10299734.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
79a8895caf232ec1638d29e2cc7d0109b2ec2fe303aefb21a3071e065a1188ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Sun, 17 Jul 2022 11:22:59 GMT
Server
nginx
ETag
W/"62d3f113-b82a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
38622
10298191.jpeg
static3.mixi.media/img/400x300/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/10298191.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
8697e0602a23d0d4ecca0c9d1829f6840a4e529aa16832df4acb893fa4c0376b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Sat, 16 Jul 2022 14:19:16 GMT
Server
nginx
ETag
W/"62d2c8e4-b03c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
47352
10298189.jpeg
static3.mixi.media/img/400x300/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.mixi.media/img/400x300/10298189.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
33765fff8d067be11a0ba90c03f949a61fe9772c11024ce018daa06f4b6b9b5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Sat, 16 Jul 2022 14:18:37 GMT
Server
nginx
ETag
W/"62d2c8bd-b7c9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
54492
10332597.jpeg
static2.mixi.media/img/400x300/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.mixi.media/img/400x300/10332597.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
2703369bddabfadf3ee5d0747cad50ef2a00438db862e48ea5e02055608bc810

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Sat, 30 Jul 2022 19:57:02 GMT
Server
nginx
ETag
W/"62e58d0e-6b97"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
34511
10330247.jpeg
static7.mixi.media/img/400x300/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.mixi.media/img/400x300/10330247.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
d7f660744b45625e29c4f7b1a5cb8236f688ccf101f14a597f6e2abefa267349

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Fri, 29 Jul 2022 12:34:24 GMT
Server
nginx
ETag
W/"62e3d3d0-10d9e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
56544
10268490.jpeg
static5.mixi.media/img/400x300/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.mixi.media/img/400x300/10268490.jpeg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
6df470a4b40be62f0400ec013c449c5592359b6f5f7789dba6ff61efed87f4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Mon, 04 Jul 2022 07:17:57 GMT
Server
nginx
ETag
W/"62c29425-15ba5"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
41678
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=12207654856390&correlator=2976353783728725&eid=31064682%2C31068589%2C31060890%2C31067826%2C31062931&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_336x280-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=2&adks=2760480871&sfv=1-0-38&ecs=20220731&fsapi=false&prev_scp=first_article%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ENTD_category%3Dbusiness-5986%252Cnews-8%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie=ID%3Db9aace6b16414c95-2281959a72d400d2%3AT%3D1659290289%3AS%3DALNI_MZ5VLBcAEZhqpGE2AzzccLBpNIxWQ&abxe=1&dt=1659290289772&lmt=1659290289&dlt=1659290288319&idt=1198&adxs=1028&adys=673&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&frm=20&vis=1&psz=372x0&msz=372x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1323838124.1659290289&ga_sid=1659290290&ga_hid=968597409&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f39ed000f48107a0f85fb4c790e04d8eda262505871cd41f7795b86d0e95ae34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10890
x-xss-protection
0
google-lineitem-id
5937047658
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383180265
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=12207654856390&correlator=2976353783728725&eid=31064682%2C31068589%2C31060890%2C31067826%2C31062931&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fifs&iu_parts=5965368%2Cntd.tv_article_header_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=3&adks=1030851624&sfv=1-0-38&ecs=20220731&fsapi=false&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ENTD_category%3Dbusiness-5986%252Cnews-8%252Cus-9%252Cfrnt_category_headings-6048%252Cfrnt_latest-6043%252Cfrnt_original_articles-12413%252Cfrnt_top_stories-6042%26site%3Dwww.ntd.com%252Cntd.com&sc=1&cookie=ID%3Db9aace6b16414c95-2281959a72d400d2%3AT%3D1659290289%3AS%3DALNI_MZ5VLBcAEZhqpGE2AzzccLBpNIxWQ&abxe=1&dt=1659290289783&lmt=1659290289&dlt=1659290288319&idt=1198&adxs=200&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&frm=20&vis=1&psz=1200x0&msz=1200x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1323838124.1659290289&ga_sid=1659290290&ga_hid=968597409&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
77b3fff9b0e445383c36733afa28aaec7965f916f4018beedba5a9f107d9070b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10514
x-xss-protection
0
google-lineitem-id
5900320489
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138379156719
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ntd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
stat.media/counter/ 		450 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=COeDAxIkYTY4NmE3ZjMtZTMzNy00YTM5LTk2OGUtNDQ1ZTk1YTVlMzgzGNGJoqulMCIkOGEzYTg1OTYtNjE1Ny00M2I4LTlhYWUtZDgyNzZlYjY4ZjQ0&cb=_callbacks____0l69mlhne
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp2.imcmdb.net
Software
nginx /
Resource Hash
9c34382282ec26fc9e106fe71a2cae792a26e48085aad1ba328ea985efe84ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
remark.css
comment.youmaker.com/web/ Frame A6F2 		86 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.css?v=2022062509
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&url_id=817379&page_title=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f952d40de50ee68414a8454d93b85fa326a029b3cd7d070bc19a206e15702924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&url_id=817379&page_title=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
last-modified
Sat, 23 Jul 2022 15:56:39 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
text/css; charset=utf-8
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88461
app-version
0.1.2
remark.js
comment.youmaker.com/web/ Frame A6F2 		315 KB
315 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.youmaker.com/web/remark.js?v=2022062509
Requested by
Host: comment.youmaker.com
URL: https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&url_id=817379&page_title=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.33.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.33.120.34.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
f54c2e8bda3af801a52d3b580e982f4317166bc8a79486b88b69647a1e7e6246

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.youmaker.com/web/iframe.html?host=https%3A%2F%2Fcomment.youmaker.com&site_id=www.ntd.com&components=embed%2Ccounter&url=www.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&url_id=817379&page_title=Banana%20Boat%20Sunscreen%20Recalled%20Nationwide%20Due%20to%20Cancer-Causing%20Chemical&provider=youmaker&token=&theme=ntd&toolbar=true&max_shown_comments=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:09 GMT
via
1.1 google
last-modified
Sat, 23 Jul 2022 15:56:39 GMT
server
nginx/1.20.1
author
EMG
app-name
remark
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322947
app-version
0.1.2
/
mixi.media/cookiematching/ 		43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGE2ODZhN2YzLWUzMzctNGEzOS05NjhlLTQ0NWU5NWE1ZTM4MxoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNjU5MjkwMjg5MzYxGgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDhhM2E4NTk2LTYxNTctNDNiOC05YWFlLWQ4Mjc2ZWI2OGY0NBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1659290289861
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.66.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mixi.media
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Sun, 31 Jul 2022 17:58:09 GMT
Last-Modified
Sunday, 31-Jul-2022 17:58:09 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Jul 2022 17:58:09 GMT
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp2.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sun, 31 Jul 2022 17:58:09 GMT
Server
nginx
Connection
keep-alive
current
prebid-match.dotomi.com/match/bounce/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26uid%3D
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:10 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
config
comment.youmaker.com/api/v1/ Frame A6F2 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d01126b57f8d337b12203e1ab7fb019f19aa0fb7cac9bd6642cdc41ac524b8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 17:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10466
x-xss-protection
0
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.24 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp2.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sun, 31 Jul 2022 17:58:10 GMT
Server
nginx
Connection
keep-alive
ge.js
s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.131.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
7360c787d0c4e565e0e700288481fd4847a6cc409ab0e01b2cc56ec005596160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:11 GMT
Last-Modified
Thu, 30 Jun 2022 23:31:44 GMT
Server
AmazonS3
x-amz-request-id
RHPVR1MAWJ1RAZKG
ETag
"e47f91fd851d16da7e7d3e1fa7d3ba84"
Content-Type
application/javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
30517
x-amz-id-2
WPBcfvyFfeAdr3iEXavsRjqoRrnYysO9huwtkFeKFp27vLrIGQHLv5PVoUTeTU31a5jX+MYzFiU=
Expires
Sat, 30 Jul 2022 23:31:43 GMT
/
a.clickcertain.com/px/
Redirect Chain
  • https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
  • https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
  • https://a.clickcertain.com/px/?c=2455d1796b86efb
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/?c=2455d1796b86efb
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Server
2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d9c032f84e7e644c0888cf5ae1f2c70203dccc34b75104d0e5e5086b1186d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:13 GMT
content-encoding
br
x-frontend
cc-nginx-79b446bdc9-9t6zb:cc-nginx-79b446bdc9-9t6zb
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
2e876ecc-1abc-433c-998b-0975a965ecdb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6pmOM31rRUxbHvYybLY0fq%2FacabL1hD0euAO6wgnxDT8h8hE%2FhYp37p%2BrmmbEXghqFT%2BwBaJ4IscM%2B0mCwB42sHeTKxMdnyiALN863pXb05mRjt0ILRVPb2%2BNirdApxMSaGcZdlryE4BEuE%2FATT6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
7338388bab0368fb-FRA

Redirect headers

date
Sun, 31 Jul 2022 17:58:13 GMT
x-frontend
cc-nginx-79b446bdc9-7m4vh:cc-nginx-79b446bdc9-7m4vh
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
947ea95b-4d3b-4b4b-aaf8-2fe6d8a16389
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FR2Xo6ZMIWsPJaaJIA9RWDvHIuU6D1yEQnONLY0SOEVL8n1h3Rt5JRQGH%2BH3o8Oc2lUn6I1lKb1JSOhdGWt52swEfCrcmfhj8CyPPmiq7OxGTsBQWmVWJ2CzEqvf1BoP2WTjNq04LU6KPriCg7k5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
location
https://a.clickcertain.com/px/?c=2455d1796b86efb
cf-ray
7338387a7a2b68fb-FRA
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfJaESa_rzBLGStPuuABDZZHqb1BAEgEDAHRNfV04oygrQXJBFTTPixfMJ8sAAcLWBnnKeE9dzyD2jceipFwE-v05Zb-vM9Bc_RBYNvEvNz3-QqNiTHrB5ic8aWNUSrr8Bs2OoexNMMnZ6_twWqwMl5WeTMSQzO8QKvKD1KYtTQkBoXfArtFOrAaaeoLfLaTBEXqhaoSzkEgVYNII8W5IGA3YMzEuqbX54Cgp7wEnlDKOZYcHsICNLJ_MeUxD7QlXlR7rLmbmLfP9YUQJg4JxEuHoK0LF6tZvAF9rzaVt1tpWDfnXzi5T-AvgUcoeiIgNUNOuY2z5zFumJTJQ1f4YCjhTneg&sig=Cg0ArKJSzIBohSEdPYwNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 17:58:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 31 Jul 2022 17:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 17:58:10 GMT
5613667137326213259
tpc.googlesyndication.com/simgad/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5613667137326213259?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f57003d228a59e5616ab6d408e658ec6448f9f77bc403b3cd56e596e0bc1ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 20:00:21 GMT
x-content-type-options
nosniff
age
251869
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223345
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 18:36:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 28 Jul 2023 20:00:21 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2I1hEque6qJKLamu6mfxmX104LTv8mBlqy7-D78dlMW7mGEeyzbhHVgyq0d80Kpp0eiCB_kuBACWBYtay20x4xBJK7CyM4BffdVdKhdbuxFIBVLRhTTIl6RzoCP52WCxVDyOeNjqm4luX-nqTV-qGGMHb_mmuR4h11LYjJ47aIDHX5b35FNihPlF9kyl9ghzttg3G2LTHdA3-3_z6BwM4B6eBNy6BC7C2_PZsfgnnl2DVVeiuI5dlnC0_DbduK24YGVsIRbmRUE4bMsp0EZuz5-4hAnqWs8kAlqojgkZqC7PB3Cm0txC0IRRIJ8emh65WQ0gtEvS_3w&sig=Cg0ArKJSzG0qMtBpDRKtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 17:58:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 31 Jul 2022 17:58:10 GMT
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
174968ade2c26e2e45fd808e1c4539631126b8641c997bb5085eeb20657be0ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
lc2.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/lc2.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/storejs/a/5N0H11N/ge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:1200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e6d52fb9d798bb53b7b50602d6c2bb5c057745e9ec8d43772118b37115a34288

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 00:54:16 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
age
61435
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
VIE50-P1
content-encoding
gzip
x-amz-cf-id
ZvNk5Z_Klel6LdOSlUUJuZR4ka7divoVdGxjG75g8rzNf0EA3udRhw==
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1659290291291&se=e30&duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-ca...
  • https://rp4.liadm.com/j?dtstmp=1659290291291&se=e30&duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-c...
13 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1659290291291&se=e30&duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&wpn=lc-bundle&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3pc=true
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Server
35.168.71.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-71-120.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:11 GMT
x-pixel-event-id
916e49b0-876e-49b5-b666-29f82d27fe5e
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
dfdfe77f3adcfde9
request-time
0
content-length
13
x-content-type-options
nosniff

Redirect headers

date
Sun, 31 Jul 2022 17:58:11 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1659290291291&se=e30&duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&tna=v2.4.0&pu=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html&wpn=lc-bundle&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.ntd.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
0df34fda754ccea5
request-time
0
content-length
0
x-content-type-options
nosniff
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbpnZ7FjSWbNVxOP0nKUQxYnwUkeEjj11a0_AX6uRjDjVq9ACYLNJl-9F9wGqNaZREp05wxniwLPJAvdqTKME50TgqMdCZ5xAUJprdyoybLMlLs7mp&sig=Cg0ArKJSzL2WjwPFwVMFEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220727&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2760480871&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659290288157&rpt=2238&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame BE23 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A5BF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"623de86a-cf34"
Expires
Mon, 01 Aug 2022 17:58:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 30D0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 56A4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"623de86a-cf34"
Expires
Mon, 01 Aug 2022 17:58:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3A2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1659290289611
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame A532 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame B990 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1659290289610
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2B8C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"623de86a-cf34"
Expires
Mon, 01 Aug 2022 17:58:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A67F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1659290289610
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame F3BF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-198.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"623de86a-cf34"
Expires
Mon, 01 Aug 2022 17:58:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 2220 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1659290289610
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame AE70 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5031 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.ntd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 17:58:11 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 5031 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63460
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Mon, 01 Aug 2022 11:35:51 GMT
usermatch
r.casalemedia.com/ Frame E04C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a07374b81f38fadf47b5145dc73876c30554db128d8c09b1e6995b77a22616e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73383884e9c59c0c-FRA
content-encoding
br
content-type
text/html
date
Sun, 31 Jul 2022 17:58:12 GMT
dropped-udsids
230|39|241|45|196|8|218|195
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvm%2FVtOFmFPBQvlFFZF9BKBsZlFlHlBtecYBIWmFHBROO%2BJTGcjXeVGEwQQfKa9x3grgdTIY92nIjVXjEp%2BoZenJgBmADFJYTbRJ%2BU5xjuYj%2FoedTGiuPBbXf%2BlFmJrQkjX2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7338388489dd9170-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 31 Jul 2022 17:58:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7gMG6ZPAGbIi2pudpb3zvyki09YaqxJj%2B0KJeqizPH%2F2jYNqVIaPBDou7sL6kqUcbZbbMp6OFZ%2B%2F1qrnYl53vCSS9CCiqoSxRFOsEc1HLTQp%2BybU94cIfh1yYu9xZ3LOHlz4IaDp%2FeMpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
r.casalemedia.com/ Frame 3777
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc40eab34ac4423ba9c0ec3ec231e8f0bd430bdd382232d444a165bb5bcb3e49

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73383884e9ca9c0c-FRA
content-encoding
br
content-type
text/html
date
Sun, 31 Jul 2022 17:58:12 GMT
dropped-udsids
39|45|241|230|130|13|5|191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Tw1Mry%2F1PI%2BE1iPa65FcPZRGyxd2a1w%2BupVWvVh9roqtbSE80hROO%2FLmQ2bnrIZvCGNhXGBCWxQcKRuR6bNrvhZY2W9taO220kPeU%2FMENpCdsWlCdzkxKJQcskGwYqPu%2FdN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7338388489df9170-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 31 Jul 2022 17:58:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7GyYztrQ8%2BbgRURf4iNnp1jI%2FZw3kBFH%2Fy%2BMhnYpbaun0%2BMeYKRcj4Kco5Onh3ljFpZHuotV50fhAdTVjRKaGOnwDfG1EcVQbKheyo0JkxAH8rj3Qoz6ouONBPYlcy0vis39avUgr8huw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
r.casalemedia.com/ Frame 1D81
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f51ac72ea1099d1a4d64b06b96a521debb8b4cc983645de6788c67b168884de8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73383884e9c99c0c-FRA
content-encoding
br
content-type
text/html
date
Sun, 31 Jul 2022 17:58:12 GMT
dropped-udsids
230|39|45|241|64|24|41|73
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeXBv8gB7xU1sicNGtqLLdWAEoKNQxd3zufiZPrnkoGHfW8GacXcc0xQ3Iiz3lzRgI5pGW7jdCUrY0tLpu01joIA9zSBghvxtTPu5pPEKPN7yxgoETQgIzwAh3O3ElFnYzOn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7338388489e09170-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 31 Jul 2022 17:58:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsBsRty%2FgCI5YS9lcMiEx09BNgGe3EYQUTD4N7LgZm9FDRUPPmsvDKI%2BNaTOcs%2BcOg2yPoQMGcLU%2FFnmAM5Rehnwgtb%2FCvLMYvry8kuU277uo0cf0zaJXbryKowqJrgfBRpar93lrO3mwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
r.casalemedia.com/ Frame 0F3A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec26739e5c5fc87ceb656b3e93e505be0bce2aad03a76c7f44ac0de79295d02

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73383884e9cb9c0c-FRA
content-encoding
br
content-type
text/html
date
Sun, 31 Jul 2022 17:58:12 GMT
dropped-udsids
45|39|241|230|3|51|24|64
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbF3AfpNnl4FKTDXHE0R%2FkP8pGHPCkW4b6P9Urywfg85tIZmRTgfMnTOmwfphD0AaIGZAzzh1%2FO9koRdb6iSrBMl5U78fKMwMBNmzycjFT%2BmvbXv3tO9oG4PlK7RvoNlt1od"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7338388489e19170-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 31 Jul 2022 17:58:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9eBdy2XyzgkCk%2F30sUBgK2AxSkcjcQb2cooDslBG1ufoKVOUg6asL6ReVK31%2Bl5NeM0fHGp5%2FtsE%2F8%2Btbw48dcz0lD3owX3yvD%2FlTjPIlJ7BL3iFK1YSDEpAR%2B7mgxKjUmrOy%2B%2BEw1%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame A5BF 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:11 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c61f8a4-297d-4a2e-8514-c5c2d64f3c07
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2B8C 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:11 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9ab943d9-88ba-48d5-be8a-006e0d680859
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 56A4 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:11 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f660c7a-9b0a-41d8-a298-2350cd766b30
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F3BF 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:11 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e5638dd3-7f61-4ad4-876e-80e904374b00
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 5031 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 5031
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L69MLHHY-X-EO8E
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L69MLHHY-X-EO8E
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5363C6D1713F4AA3BAF70CDA6CA35E67 Ref B: FRAEDGE1407 Ref C: 2022-07-31T17:58:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXlHaBxKTQL5UBsnPn+HA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L69MLHHY-X-EO8E
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5031
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5TUxISFktWC1FTzhF
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5TUxISFktWC1FTzhF
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY5TUxISFktWC1FTzhF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5031
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmVhZjBjMDUxZDAzZjA0NmIzNzZjZGEwYTJiYzkxNGQ0MWU0Mzg2Yg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmVhZjBjMDUxZDAzZjA0NmIzNzZjZGEwYTJiYzkxNGQ0MWU0Mzg2Yg
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmVhZjBjMDUxZDAzZjA0NmIzNzZjZGEwYTJiYzkxNGQ0MWU0Mzg2Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5031
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENvOEFrNJZ0BP6VJGiyjiM8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENvOEFrNJZ0BP6VJGiyjiM8&google_cver=1
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENvOEFrNJZ0BP6VJGiyjiM8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 5031 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
ads.yahoo.com/cms/ Frame 5031
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L69MLHHY-X-EO8E&sigv=1&esig=2~58afa88baf36411284d4874d0a74400fc2bf33c4
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L69MLHHY-X-EO8E&sigv=1&esig=2~58afa88baf36411284d4874d0a74400fc2bf33c4
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L69MLHHY-X-EO8E&sigv=1&esig=2~58afa88baf36411284d4874d0a74400fc2bf33c4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5031
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/J8_DSa59v6f0eg1a7mWmSA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4901719269183188275
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4901719269183188275
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Sun, 31 Jul 2022 17:58:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4901719269183188275
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
casale
match.adsrvr.org/track/cmf/ Frame 3777 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3777
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCsykUVC124P6Xnmvv5gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
73383885dff09213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZC2Vi82k77Ih0smidMIMKlN7N4denAjQ5SCbf1nRnnsrzh%2F7Ts2%2F9wIy5Z%2F1CY2K60m70wDop8Qjr4H54DNAljBt90K4jji3xMiOrsjUc65c0LLLJ3LKMz9%2Fn2axKHkRYqvXTORWyuNGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3777
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AH6ZW3MGX6EWG4KK9YRR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
47W2WC45NK2PVHVWV9P3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3777 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 3777 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.162.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-162-73.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3777
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
73383885dff49213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MEci9X83aZ1erTKJRXU%2BWTlXm%2FOukW22EbilzJvQPAJpxxiaxCzeesNOz3KiRjgDaMSVxefH6fp2BZ5QVLLs4tL5eR6VjDWdJFppWQxO%2FPRMYcUEMhI0%2B7fN7teOhZ8n8XauBnljEYVlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Sun, 31 Jul 2022 17:58:12 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
ix
ad4m.at/ad/sim/ Frame 3777 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
crum
dsum.casalemedia.com/ Frame 3777
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=de2f94de-5f47-139a-3e5ec8a5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=de2f94de-5f47-139a-3e5ec8a5
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
73383886cfdf5c85-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgTYsCyZdEg5SKCh%2Bfc0jDJL5tUyGWah5lHf8cdZ00sxAvkvse9chw5VM6ao69vLG0aPxVn3%2Bir2nI47%2FDhqJdNvMBDRiQpMSkH9KuvXfeFxpqozzm8yBC9LnP98IkK3xOIGSbTJ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

date
Sun, 31 Jul 2022 17:58:12 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=de2f94de-5f47-139a-3e5ec8a5
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3777 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YubCs9xz-AXJnRKkdhuf-wAA%261132
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
HIT
age
135
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
733838859f0f9055-FRA
expires
Sun, 31 Jul 2022 21:58:12 GMT
crum
dsum-sec.casalemedia.com/ Frame 0F3A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCs9xz-AXJnRKkdhuf-wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
73383885dfed9213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ad7zN6Vje582BA%2FPHH27mk3gi90lT9J%2FzfiRTHdU76M5st1pEhw%2B4FfZmSAoa0pweA4abKnDACxcoTSyMSfswQd0RiKrYdv%2Ff0lZ3QEqa8yTCm0Z73jlFG1lQLrm6nc6qGYQXT%2FWLyfN%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0F3A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 0F3A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs_MFPusveI6-SA_KKAAABLwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs_MFPusveI6-SA_KKAAABLwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs_MFPusveI6-SA_KKAAABLwAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
77PGSJBR7800CHH06MXP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KEBK50FNX18JSYAGBN05
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs_MFPusveI6-SA_KKAAABLwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0F3A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YubCs_MFPusveI6-SA_KKAAABLwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0F3A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d0fa62e6-c2b5-4a00-ae84-e475b691bd25&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d0fa62e6-c2b5-4a00-ae84-e475b691bd25&gdpr=1&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7338388c9ee79213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJjrwTCFgQhnOVFLpYxEkS58ynrPeb6i9s19hXqjf%2FCHY44%2FNQNyb6%2FJvu73Kyvdmcz%2FO%2BdOIYrtnaW%2BcWYaZ2GdKah06WD8jR8Sth8kzfCOlSEBiE9TY3zFM4VyxTpilCP2MWz2zsWoKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

Date
Sun, 31 Jul 2022 17:58:13 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d0fa62e6-c2b5-4a00-ae84-e475b691bd25&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Jul 2022 17:58:12 GMT
sync
x.bidswitch.net/ Frame 0F3A 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.141.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-141-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 17:58:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 0F3A
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a87ff975-c2be-4ebb-8001-5eba1080238f&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a87ff975-c2be-4ebb-8001-5eba1080238f&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf%2FAIQnJAf4LrPM7SAs%2FXz1PBko%2Ba8R6gVQMMhT4rU0%2Fkh5Otm0XpxcpYf8Ea%2BTwZaKRB1ioaf%2FDF2d1PXiRe3SwyRAmijqaB2NmnYNAKCa2ighUhQO%2FqEQhRvBHiQGTaPR8jz5pc1Stmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
73383885cfe59213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a87ff975-c2be-4ebb-8001-5eba1080238f&us_privacy=null&gdpr_consent=null&gdpr=1
cf-ray
733838859df3903c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0F3A 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0F3A 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YubCs-MFPusveI6.SA-KKAAA%261212
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
HIT
age
135
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
733838859f119055-FRA
expires
Sun, 31 Jul 2022 21:58:12 GMT
pixel
cm.g.doubleclick.net/ Frame E04C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YubCsykUVC124P6Xnmvv5gAABL4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E04C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E04C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCsykUVC124P6Xnmvv5gAABL4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCsykUVC124P6Xnmvv5gAABL4AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCsykUVC124P6Xnmvv5gAABL4AAAAB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E0R6EEGTVEP7627PFX0P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AX9YJAVEBH23ATGVBQHQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCsykUVC124P6Xnmvv5gAABL4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E04C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCs9xz-AXJnRKkdhuf-wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
73383885dfee9213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5X0GtvZ%2FD2DeJdtnnKTM%2FU2d8RKJbD4HAOQyw%2F6BQKJIAuBJSDOO%2Fa7O2MxGdhIgmuEB5HDxOZemq6IO4t8wNQMtrt%2Bt2AqR8jBlxRp%2B0xM4125sHY3wzFLTVfby4lDwv80ly4Bg7Beaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E04C
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64J9hAy%2BcECUKoXZM88yX2sXJBlXcauLLN%2BPJ5BQd2qbp%2BhTwbqhxev4C5QP8AexPsUZC3BFaAEvKOAS5zefkoCNmuY%2FgwJlCBDlZJLkrMTcK05mJdKGzndhbgyVXTngao11vGMn%2FCm6bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
73383886588e9213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

date
Sun, 31 Jul 2022 17:58:12 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame E04C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=280b4380-d26c-4909-9f8e-13205fd581ac&expiration=1690826292
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=280b4380-d26c-4909-9f8e-13205fd581ac&expiration=1690826292
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7338388789c89213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zlDw0%2F4WJ71bMXCDBq%2FKKe%2F0qnfbsLIEmnkgU6Wx1KRk7NnnoYPD03Q%2F27FC1vTVjHBG8Kn%2ByRnufy8HrPMpV%2B2NvH1RM%2F6%2Fh0NUUL6vOXe8HQCTIsBm4MoVUeqMi4dwSoezzsWq68B8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=280b4380-d26c-4909-9f8e-13205fd581ac&expiration=1690826292
date
Sun, 31 Jul 2022 17:58:12 GMT
server
Kestrel
content-length
0
ibs:dpid=23728&dpuuid=YubCsykUVC124P6Xnmvv5gAA%261214
dpm.demdex.net/ Frame E04C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YubCsykUVC124P6Xnmvv5gAA%261214?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-126-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame E04C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e3168eca-f514-464e-b5ec-562c690c0898
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e3168eca-f514-464e-b5ec-562c690c0898
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7338388779b99213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlVDW9SE1%2BlBGY%2BVOR83fZcHbmcZ5XMYs%2FAKtSpm9%2FnfNBMmJbyC4Gd01c%2BPbqGfqksGzJEeTSfJwfK2jcEi6ZL%2BZ3utdIIMIyRgXz8qpg2jvIekkogw77nf6ETNI%2FLHI8K2vzU2p9MGag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e3168eca-f514-464e-b5ec-562c690c0898
date
Sun, 31 Jul 2022 17:58:12 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame E04C 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YubCsykUVC124P6Xnmvv5gAA%261214
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
HIT
age
135
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
733838859f129055-FRA
expires
Sun, 31 Jul 2022 21:58:12 GMT
pixel
cm.g.doubleclick.net/ Frame 1D81 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1D81 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1D81
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YubCs9xz-AXJnRKkdhuf-wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
73383885dff19213-FRA
pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ga3C1%2FvQVQoJZkCj7P5z4Tyr9fXpIcLqSuTd1ThNfa%2Bj5SMZ9umP857NuvI46kjzngqeeCx7PgB0TWFE%2FPDmT8CWMkjAXBZo8wNFmKEWBxZhL7kqu3wUQxc6nZFYLF8ZOki%2B0tXn7VuqBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMFtXIbjhy0R6g6UNgkOsvw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1D81
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
94CBRXN5KT9Z6RSKXZ82
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5AHVZ7WDYEMG50ER63WY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1D81 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 1D81
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=21650ed4-a2a9-419d-9f61-c4f112547f38&us_privacy=null&gdpr_consent=null&gdpr=1
43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=21650ed4-a2a9-419d-9f61-c4f112547f38&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQ17ay4CKjAUkNrxudYtjQEC%2BJJQBAVT5KlRrBvcGymtdZJkUG3Le7zTSB%2BOQs7TOupOKxf8qM1J6JlF0vVVu4hXfx4aNzAT0in1O4IBnMpzq5ItIigWfBH27XNUyVKCAPHSRORiqYbMmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
73383885cfe69213-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=21650ed4-a2a9-419d-9f61-c4f112547f38&us_privacy=null&gdpr_consent=null&gdpr=1
cf-ray
733838859df5903c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
bridge
cm.adgrx.com/ Frame 1D81 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1D81 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YubCs9xz_AXJnRKkdhuf_wAABGwAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6b06:26e1:4300:34b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1D81 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YubCs9xz-AXJnRKkdhuf-wAA%261132
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.ntd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:12 GMT
cf-cache-status
HIT
age
135
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"902a3d-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
733838859f149055-FRA
expires
Sun, 31 Jul 2022 21:58:12 GMT
async_usersync
ib.adnxs.com/ Frame A5BF 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
23a2d234-ccab-404a-b084-26166aca6e05
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2B8C 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9cdf6c46-ad0b-407e-8af6-c663dcc98630
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 56A4 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
18c1ad80-6c4b-491a-840d-6a0234f09d60
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F3BF 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Jul 2022 17:58:12 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ac47de92-ab2c-49d6-836c-0f657245b748
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
push_notif_ntd.js
services.epoch.cloud//public-labs/src/push_notifications/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Feb 2020 19:08:58 GMT
server
cloudflare
age
4044
etag
W/"5e4d87ca-189e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GprmRTdPMYXDBUm5ZddWhud0OPVV8YQMgC7UP4xsvB9HvZeQ0WaWSrS3295aAkkAZlEw6NZbYKDzFoVTmUu3dbaqI433Wd0lO4apKCECW4lkWGXLwwyqNuqeTVhvjAeDf3%2BkOGmLxzyFDKePpD%2FmqxywHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7338388c5c4f9954-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cbb358742efbe80005a15256de11d533.js
clientcdn.pushengage.com/core/ 		93 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1659290288690
Requested by
Host: www.ntd.com
URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-99.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
6e68201b739bf66b09f1bfadfef7696bb50d5b7ec34e1274cb29b5c1e606411c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:13 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
VIE50-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-id
MZzJ6ToyYuNd8M8bCSWnhPdPEE4TluWPvk_TUFQavM5yygktqw_d3g==
via
1.1 03f23a59e296041c07602d699fc87484.cloudfront.net (CloudFront)
/
a.clickcertain.com/px/cont/ Frame 735B 		951 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&cn=DE
Requested by
Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=banana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba94d9ad141b3669ef618aa52741e6ca850103ce1c82691f184629f46495c572

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7338388d5d3e68fb-FRA
content-encoding
br
content-type
text/html
date
Sun, 31 Jul 2022 17:58:13 GMT
etag
W/"OTU3ZWM0ZmJnNWUyNGc0YmZlZ2E5MWZnYjQ3YWMyOGMxNDliLXow"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8YP2W6MeX4uqfShh6tm%2FdYc1fazpSJQm3FMJgOMurHA9agPk0L1EZSTnesFX5fe2rXc9PE%2Bfzg%2BUaWkkPyiLoDrCRa%2FBrXz%2Bvbz6%2FXX9pGJW%2FVCGF0LA0aDFFExUzNGLfCJA%2B82PmblUek5ZYz6SA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frontend
cc-nginx-79b446bdc9-59s86:cc-nginx-79b446bdc9-59s86
x-requestid
27652aae-2379-4a82-ac3f-c68112d667bd
/
a.clickcertain.com/px/ta/ Frame 735B
Redirect Chain
  • https://a.clickcertain.com/px/ta/?ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
  • https://a.clickcertain.com/px/ta/?done=true&ta_id=7b010469-6568-4a05-be86-8f716250b61c
0
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.clickcertain.com/px/ta/?done=true&ta_id=7b010469-6568-4a05-be86-8f716250b61c
Requested by
Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&cn=DE
Protocol
H2
Server
2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.clickcertain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 17:58:13 GMT
x-frontend
cc-nginx-79b446bdc9-27drq:cc-nginx-79b446bdc9-27drq
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
62b06f99-830d-432f-b42c-706fc34ae25d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYJByDDzYLTktkmGO8nE0tA7iTg5HhOxqnfa%2Bi85HxU3CIpL4UQlsn0Po7p6Ztdo4MHow71q9EuNFr36Er2UcguzQO%2FHRlZMHuVajMpki92ls6jv9DAUHFZovYzoHhTK7EKiUScKAUCKyL%2BTrxHT%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7338388f784c68fb-FRA

Redirect headers

location
https://a.clickcertain.com/px/ta/?done=true&ta_id=7b010469-6568-4a05-be86-8f716250b61c
date
Sun, 31 Jul 2022 17:58:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
a.clickcertain.com/px/img/bidswitch/ Frame 735B
Redirect Chain
  • https://a.clickcertain.com/px/r/?ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
  • https://a.clickcertain.com/px/li/?ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&redir=https%3a%2f%2fcm%2eg%2edoubleclick%2enet%2fpixel%3fgoogle_nid%3dclickcertain%26google_cm%3d1%26google_sc%3d1%26redi...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...
  • https://a.clickcertain.com/px/img/g/?redir=https%3A%2F%2Fsecure%2Eadnxs%2Ecom%2Fgetuidu%3Fhttps%3A%2F%2Fa%2Eclickcertain%2Ecom%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26ccid%3D957ec4fb%2D5e24%2D4bf...
  • https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&anx_uId=$UID
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&anx_uId=1166561399691301704
0
0
c
ea.youmaker.com/api/pw/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Requested by
Host: subs.youmaker.com
URL: https://subs.youmaker.com/lib/api.bundle.js?execute=false&ver=20210318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Queens, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ntd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.ntd.com
date
Sun, 31 Jul 2022 17:58:14 GMT
server
nginx/1.20.1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
c
ea.youmaker.com/api/pw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ea.youmaker.com/api/pw/c?tid=P-KDJOIELE2&en=readactivity
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.7.168.74 Queens, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ntd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Content-Type
access-control-allow-methods
GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin
*
allow
GET, POST, OPTIONS, PUT, DELETE
content-length
0
date
Sun, 31 Jul 2022 17:58:13 GMT
server
nginx/1.20.1
72731
idx.liadm.com/idex/unknown/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/72731?duid=33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr&resolve=md5
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.176.190 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ntd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://www.ntd.com
date
Sun, 31 Jul 2022 17:58:16 GMT
request-time
3
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
4a689c8a9cedfa03
vary
Origin
access-control-allow-credentials
true
p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
comment.youmaker.com
URL
https://comment.youmaker.com/api/v1/config?site=www.ntd.com
Domain
a.clickcertain.com
URL
https://a.clickcertain.com/px/img/bidswitch/?done=true&ccid=957ec4fb-5e24-4bfe-a91f-b47ac28c149b&anx_uId=1166561399691301704
Domain
p.alocdn.com
URL
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=5N0H11N-event-%257B%2522type%2522%253A%2522identify%2522%252C%2522user_id%2522%253A%2522NTD%2522%252C%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fstorejs%252Fa%252F5n0h11n%252Fge.js%2522%252C%2522ver%2522%253A%25221.4.1%2522%252C%2522guid%2522%253A%252250eb0f4e-90c5-42c4-ab93-88bd04ecc166%2522%257D&url=https%3A%2F%2Fwww.ntd.com%2Fbanana-boat-sunscreen-recalled-nationwide-due-to-cancer-causing-chemical_817379.html

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| pbjsChunk object| pbjs object| _pbjsGlobals boolean| apstagLOADED object| apstag string| ntd_primary_category string| ntd_user_id string| ntd_cat_ids string| ntd_term_ids string| ntd_all_term_ids string| ntd_cat_names string| ntd_ads_term_ids string| ntd_post_id string| ntd_author_nicename string| ntd_author_name string| ntd_primary_category_name string| ntd_tags string| ntd_tags_slugs string| ntd_publish_date string| ntd_last_updated_date string| ntd_word_count string| ntd_page_type string| ntd_tag_manager object| settings_obj object| dataLayer string| ntd_ga_id string| ntd_domain string| url_path undefined| arr_path string| GoogleAnalyticsObject function| ga function| twq function| $ function| jQuery object| pending_sections number| section_threshold number| infinity_ad_count number| right_column_ad_count undefined| ymkToken object| userGEO object| PipaUser function| check_sections_on_scroll function| add_lazy_load_section boolean| didScroll function| ntd_back_to_top function| epochGUID function| sortJSON function| play_livetv function| getUrlParameters function| init_pipa_paywall function| remark_panel_init function| ntd_ymk_userID function| ntd_get_share_counts function| ntd_set_share_counts function| ntd_get_email_list function| ntd_newsletter_subscription function| getUserGEO function| ntd_signup_newsletter_subscription object| ep object| jQuery11130751604171244906 object| regeneratorRuntime object| MicroModal function| expired object| epSubs number| PREBID_TIMEOUT object| ads boolean| ntd_no_ads object| ads_term_ids function| getRootDomain object| aps_slots function| display_ads function| fetchHeaderBids function| insert_ads_div function| display_infinite_ads function| display_right_column_ads function| get_ads_wrapper function| ednBidders function| ixbid object| googletag object| slots object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| _comscore function| referral function| setCookie function| getCookie object| remark_config undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| COMSCORE function| udm_ object| ns_p object| twttr object| cbJsonP function| cb_window_logger object| __SENTRY__ function| Chargebee object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ggeac object| google_js_reporting_queue object| REMARK object| recaptcha object| closure_lm_767257 function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks undefined| google_measure_js_timing object| ntd_tv_1x1 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| jsapi_ object| JsAPI object| __statmedia object| U function| StatMedia object| statmedia49639 object| atwo3y2egjek object| closure_lm_69857 object| geq string| cookieStoreData string| persistentUser undefined| firstpg undefined| dynamicPixel boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu string| trackingPixel object| GoogleGcLKhOms number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| _0x3f37cd function| GeAnalytics function| geLoadLi function| _0x75d1 function| _0x4029 boolean| geqpreprun function| run_ge object| liQ object| _geq object| __li__evt_bus function| empty function| _add_ctag object| body object| _peSd object| _peD object| _peE object| _pe object| _peq

53 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgYIkgEQ4xI
www.ntd.com/ Name: epoch_gdpr_userid
Value: 9db934bc-bd44-24af-dc9c-7253fb5f5007
.ntd.com/ Name: _ga
Value: GA1.2.1323838124.1659290289
.ntd.com/ Name: _gid
Value: GA1.2.668070684.1659290289
.ntd.com/ Name: _gat
Value: 1
.ntd.com/ Name: ntdViewCount_fb
Value: 2
.postrelease.com/ Name: opt_out
Value: 1
www.ntd.com/ Name: ntvSession
Value: {"id":4068061,"placementID":1164748,"lastInteraction":1659290289258,"sessionStart":1659290289258,"sessionEndDate":1659312000000,"experiment":""}
.twitter.com/ Name: personalization_id
Value: "v1_dUK5jOvi+rPeI0EdyzLx2A=="
.t.co/ Name: muc_ads
Value: 5d2226a4-08b3-4277-9bc6-618975790881
.mixi.media/ Name: _sm_uid
Value: a686a7f3-e337-4a39-968e-445e95a5e383
.mixi.media/ Name: _sm_udt
Value: 1659290289361
.mixi.media/ Name: _sm_sid
Value: 8a3a8596-6157-43b8-9aae-d8276eb68f44
.adnxs.com/ Name: icu
Value: ChgI159BEAoYASABKAEwsYWblwY4AUABSAEQsYWblwYYAA..
.postrelease.com/ Name: visitor
Value: ""
.postrelease.com/ Name: status
Value: 0
.postrelease.com/ Name: ver
Value: 1
.mixi.media/ Name: nid
Value: ads5-3sser15
.rubiconproject.com/ Name: khaos
Value: L69MLHHY-X-EO8E
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjDhHFlhV6OmbJGe4Ni1ThWK2euPP2lVg20RTcz8e+19Xb0ges6S47y3OnsRse95/PAUJ+gL7gixREiWVDBisffUN+/nvRkaHE=
.adnxs.com/ Name: uuid2
Value: 1166561399691301704
.stat.media/ Name: _sm_uid
Value: a686a7f3-e337-4a39-968e-445e95a5e383
.stat.media/ Name: _sm_udt
Value: 1659290289361
.stat.media/ Name: _sm_sid
Value: 8a3a8596-6157-43b8-9aae-d8276eb68f44
.stat.media/ Name: _sm_cm
Value: 32
.go.sonobi.com/ Name: HAPLB8S
Value: s8714|YubCq
.ntd.com/ Name: __gads
Value: ID=b9aace6b16414c95:T=1659290289:S=ALNI_MYT_USIlGZ4DV0UpNZU5eVWjInmRw
.doubleclick.net/ Name: IDE
Value: AHWqTUnxl9J_QyYXCorTySocL5EgAQvlfEoFu06aA-kMe2zAcdJmxw-250Iww0zn0Fc
.ntd.com/ Name: _li_dcdm_c
Value: .ntd.com
.ntd.com/ Name: _lc2_fpi
Value: 33df6995a8cd--01g9aph2z41966jbf2tmd8x8vr
.liadm.com/ Name: lidid
Value: a5a72577-b0bb-4c7e-a3ac-f894a201e7e1
.casalemedia.com/ Name: CMPS
Value: 1219
.casalemedia.com/ Name: CMID
Value: YubCsykUVC124P6Xnmvv5gAA
.casalemedia.com/ Name: CMPRO
Value: 1214
.csync.loopme.me/ Name: viewer_token
Value: a87ff975-c2be-4ebb-8001-5eba1080238f
.yahoo.com/ Name: A3
Value: d=AQABBLTC5mICEMmQvma1m4fvot-U5LEvfYIFEgEBAQEU6GLwYgAAAAAA_eMAAA&S=AQAAArPnMro3jK3Vi0QrmE05OqU
.brand-display.com/ Name: _knxq_
Value: de2f94de-5f47-139a-3e5ec8a5.1659290292.0.1659290292.1659290292
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b82e97ac-c316-4bd1-8d19-c68faf5fef1a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTkyOTAyOTI7MjswMjFZkRwCi/OUqdQ0ooK5aqYJ8o8vF8+lqBSWC+9hnotrzQ==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2753:u=1:x=1:i=1659290292:t=1659376692:v=2:sig=AQH7a5AodSe8_-CorKU-lsJnH04FuLdN"
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 280b4380-d26c-4909-9f8e-13205fd581ac
beacon.lynx.cognitivlabs.com/ Name: ss
Value: zB1a1pprkER7cCFkwlLvdWX5ZHBVOn%2FyodhcjeWuCHvmZJnjdRKTabG1QVz%2FizetEpOacDf4Zg%2FshohoHEE1zQ%3D%3D
a.clickcertain.com/ Name: _ccpx_u
Value: 957ec4fb%2d5e24%2d4bfe%2da91f%2db47ac28c149b
.mathtag.com/ Name: uuid
Value: d0fa62e6-c2b5-4a00-ae84-e475b691bd25
a.clickcertain.com/ Name: _ccpx
Value: 2455d1796b86efb
a.clickcertain.com/ Name: _ccpx_2455d1796b86efb
Value: 1
.casalemedia.com/ Name: CMTS
Value: 1115
.casalemedia.com/ Name: CMRUM3
Value: f162e6c2b305a0&2d62e6c2b405a0CAESEMFtXIbjhy0R6g6UNgkOsvw&e662e6c2b32760&da62e6c2b32760&bf62e6c2b42760de2f94de-5f47-139a-3e5ec8a5&c362e6c2b42760av-e3168eca-f514-464e-b5ec-562c690c0898&2762e6c2b30b40&c462e6c2b305a0&0362e6c2b52760d0fa62e6-c2b5-4a00-ae84-e475b691bd25&0862e6c2b42760280b4380-d26c-4909-9f8e-13205fd581ac
.casalemedia.com/ Name: CMST
Value: YubCs2LmwrUA
.tapad.com/ Name: TapAd_TS
Value: 1659290293621
.tapad.com/ Name: TapAd_DID
Value: 7b010469-6568-4a05-be86-8f716250b61c
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

3 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

767bcd90336d596dd941981194f932bd.safeframe.googlesyndication.com
a.clickcertain.com
a.remarketstats.com
acdn.adnxs.com
ad4m.at
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
b-code.liadm.com
beacon.lynx.cognitivlabs.com
c.amazon-adsystem.com
cdn.indexww.com
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
comment.youmaker.com
csync.loopme.me
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
ea.youmaker.com
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
gu.dyntrk.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idx.liadm.com
img.ntd.com
jadserve.postrelease.com
js-sec.indexww.com
js.chargebee.com
match.adsrvr.org
match.prod.bidr.io
mb.ntd.com
mixi.media
nep.advangelists.com
onetag-sys.com
p.alocdn.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.adnxs.com
px.ads.linkedin.com
r.casalemedia.com
rp.liadm.com
rp4.liadm.com
s.amazon-adsystem.com
s.ntv.io
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
sc.youmaker.com
securepubads.g.doubleclick.net
services.epoch.cloud
ssum-sec.casalemedia.com
stat.media
static.ads-twitter.com
static.mixi.media
static2.mixi.media
static3.mixi.media
static4.mixi.media
static5.mixi.media
static7.mixi.media
stats.g.doubleclick.net
subs.youmaker.com
sync.adotmob.com
sync.go.sonobi.com
sync.mathtag.com
t.co
target.mixi.media
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
x.bidswitch.net
a.clickcertain.com
comment.youmaker.com
p.alocdn.com
103.229.205.242
104.18.18.126
104.18.19.126
104.244.42.133
104.244.42.67
108.138.4.10
13.32.121.72
135.125.160.160
136.243.66.182
142.250.181.226
142.250.186.162
143.204.89.75
151.139.128.11
185.183.112.148
185.89.208.11
185.89.210.180
199.232.136.157
23.205.235.133
23.47.208.198
23.47.209.6
23.47.209.80
2600:1f18:730:b150:1cf:88dc:54d8:eec2
2600:9000:2304:1200:8:8845:1500:93a1
2602:803:c003:200::21
2606:4700:20::681a:27a
2606:4700:20::681a:ad1
2606:4700:20::ac43:4acf
2606:4700:3038::6815:ea4e
2606:4700::6812:c4c
2606:4700::6813:ac6c
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c1b::9d
2a00:1450:4014:80e::2001
2a00:1450:4014:80e::2002
2a00:1450:4014:80f::2002
2a00:1450:4014:80f::2003
2a02:fa8:8806:16::1400
2a05:d018:d29:3601:6b06:26e1:4300:34b
34.111.151.213
34.120.33.89
34.120.97.157
34.241.126.16
35.168.71.120
35.227.248.159
35.244.174.68
35.244.243.66
35.71.131.137
4.7.168.74
46.161.36.24
51.89.9.252
52.17.61.45
52.200.156.133
52.46.130.91
52.92.131.48
54.154.162.73
54.170.230.96
54.210.33.215
54.237.176.190
54.93.141.89
66.155.71.25
69.166.1.10
69.173.144.139
69.173.144.165
72.251.241.206
99.86.240.99
0011a11726bf0bbfcf1f2f4406071b3ee90f4b231f1aec792c9c4cb6ab5e90fe
02e4e516aff9c5c5364fb13f045d5b1b8e8ba29aadff878442c6d4197018edc5
03b40e8e91ad965faeab1b90a80085cdc77fe945ee2682c835782d5af3011eb5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07fc9910e487dc47adf17cbac80967ff1ce6c539ac50d9bc0aa0d32d02450f13
09651ad39778bdf875d95a74bd58f43043f8f1a21ee08f248b17dcd57adeace8
09a844ff5ec0824771ea4f9fe9599a2aa92a2e6c41bc5aefa9fea5e196e30dd9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec26739e5c5fc87ceb656b3e93e505be0bce2aad03a76c7f44ac0de79295d02
10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260
14c26d5c4c6a357680c3b4d989c7921c961471bae1453e1b14e5fbb0efa06c89
174968ade2c26e2e45fd808e1c4539631126b8641c997bb5085eeb20657be0ce
18e668aadd22fe3cd1c6d36b877a8acfe504eb5f560a52981c876f6c1117d718
1a07374b81f38fadf47b5145dc73876c30554db128d8c09b1e6995b77a22616e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021
1f57003d228a59e5616ab6d408e658ec6448f9f77bc403b3cd56e596e0bc1ae9
208d099c55bdc5dc02ccd45cfe09acac24654a187bcfe0abd67e843ebfdb7054
2588c50b9c41fe70411e569c25b59fbfa6c17909a9e5e900b8638145a312fd71
2605ae7e7769aebf0e4de69b247181746ba089ba3dc24c34c4f9b7174c16da2f
2703369bddabfadf3ee5d0747cad50ef2a00438db862e48ea5e02055608bc810
27589c7e170c9aa0228a9973613c41eb4e58c3942614a89cd1019462c1914a6f
27d9c032f84e7e644c0888cf5ae1f2c70203dccc34b75104d0e5e5086b1186d8
296f07f7e7ba1614b6e69047950cc4b69c14bc1b7af8ae685c493da6e9dd2e69
2bdcb089c4c9b6cdd5ded547a444f547ad5e313a632c8f8dde5fc3ca1270a125
2cab29b6e32d1c1e3907f9fe4e3483831717a7eedf2c5057fd592255afd7b4d4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33765fff8d067be11a0ba90c03f949a61fe9772c11024ce018daa06f4b6b9b5e
345463ceee58851a53c4a5b3e6c85dcab8abb53c23a85bea3eaf3087d0b7eb4f
37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
389fa4125ec3420aaa5b87423adc74c1e2fdbae9cd1eefb2dc2634b5032f4be7
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
3a67b72c290c93389da4ac7869c0cd8b5592c47c63b6efccb2f86d44c80d4ab0
3c15db5f59b3404361f68a830d61e28e37b6311ac3914e1d4f25793635c4568b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7c7f77cc3bb5bf35042f2484343fdccd96a98ee0319542d32a4db82512e8ac
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404e0b0c9796d977edd59106119d0ff0c6da4ca6a8c51e2f2b1986049846268c
4064205ee8ddf8b3f26a380124a201ffef40512041ffef8ed31ce676ebedfe46
4599e2d8d62da18cf901cf586dd7ef85e5aae95e1332cade934964f52a42a9ab
4722924fad75e0845ad71c0ab7525885b3c90fc524a07cbd08c059e9b2f145b5
478e3f82089d4bc0303ad02ef73c9e6901861b756d52f8667ba3164bedd76f7c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
5225a7b46a4bb5b6b870d3a0056b36c62cf19bee42e2fc9c3d5957d8fbac3666
52e006687b1edf8c27ae62cd74911cb4ec98573c31a12b52aa21c7793c454b90
52f32a1925bca9851d9d8146fb5593d778134bcf13f24897d2f72ee30b8cdd80
5398071fecc9961df5efa0c1c074fa401050328bd4f9575f302c86f922034805
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f7bdc42b17d071e366a0fdf724bd5bcd8ad82d5c91fd74a2a562675d1ab3b0
572d8e9ab9fd904dbde518f5cee0a7e6256e45c57d1d3d45c8419b8a423cd3fb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c01443c79c76e53bede7e62b8116b076613da68208ce7fd2bfcb5aec7ce22b1
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
60cf40736d32e7a75a0e4c6fe3c24f635a13c6f8a5683bbdaeb300d6c67ede9d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668c738513226244d0cbd2530517fbcf2df2b86a4eaaba5b9b54d8e9d9f68958
67089776eb48907fb7f72377e74e71d868853ae28310600f11bc473ba65d8e65
686a89419fb387c08e4e99fc59d73a18f26b1b98a7f19b8915dcfe6b8392a7be
6951c7c304900b4e2b7f0213fab3e077225b9bd842056a10134b0afbb1be26db
6a3e3c6b0f243d13a585fd6e8713c4062939586b1c06f859bcb1c16c9272decf
6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209
6b9765abde54c6e633d51e84c708e0de14545d7febc0b9c3b62091c661931339
6df470a4b40be62f0400ec013c449c5592359b6f5f7789dba6ff61efed87f4be
6e68201b739bf66b09f1bfadfef7696bb50d5b7ec34e1274cb29b5c1e606411c
6e93a39945714c778e1e805fc046c7b3e60656af8b0406ec8ac88a1657234f50
713263f98de24816dc9c23cceaac5e33d2d503c3e3279d5f594f3c6bbc37f00d
7360c787d0c4e565e0e700288481fd4847a6cc409ab0e01b2cc56ec005596160
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b3fff9b0e445383c36733afa28aaec7965f916f4018beedba5a9f107d9070b
77b4ded5861804effad2a1c68347919ba73739f163ead73cc2b9d019b438ec1e
78bc2d2750be6b053a3a151669c47fed3142449eb4d6e6c4608cb11a0f8010df
79a8895caf232ec1638d29e2cc7d0109b2ec2fe303aefb21a3071e065a1188ab
7e842ae6e9fc0ea12a6e5750d1ac7138df0084feebe6e52d1193322fb159301e
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8381f39e53ff782bb9ab1d21fa5a53c097fd19cf37c09e7cf141db98a6fc8636
84c06a1ac5e4e179f91a9aa2fe149cbb85ba5d1b804fae2499f31ed0f6019be5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854618e81eb4673bce5dd08f3f5711621bc6364e51f3a3b1de6eec0e8f943ab6
864eec96b8b3b3499c98c64719ba89eddbc9e1aec531edb945e3d447584f9938
8697e0602a23d0d4ecca0c9d1829f6840a4e529aa16832df4acb893fa4c0376b
87828672774f5c617be1a2eb716f8e1cf1f6d2929eaee93530e7d072ac01889b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bd68be74f43faa8e77269094d2396e377ed0477537673e3f1439f8b52cad640
8d3ffd84b1a1db91b3f9aa4794249bf2568868fc125b99c181790e11193a245f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9013300fe102ea88b19ffad1f8864333e81d6d7a3af1326bce6a7a6846aec1b0
95a9957936dcf795ce88de80e750d8aa0788a7f47a7913e3a0b7c6a582c1fffd
9bed17cf3af8c3da50b3382bdb07d355e5603a8e1c52b93650fdb11902e444eb
9c34382282ec26fc9e106fe71a2cae792a26e48085aad1ba328ea985efe84ab6
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9f80176d492ebfcfa398970bb192f2b4c402680ffb96d5ab7f3d82b091865d96
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a47482049590e8357eeaf428d366d9be61fa493356da94d508c1eb9cdbd692bc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a792ac9f3c4d887c13275d1699b75d2cc8616a774dc2afbd315142da249a2ec6
a7babd2fcaaab270d34bda21a67d72828ee8588deb2343beb8f4596039190357
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa88d2acf37ee467ab4d7e52bbc3faea9dcb2cd522e40407b74345e7b8fa650
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32092d0bdbb0ef99435450229c9c7dd1fc2e25aa6353782b52bfc1f8f6993f8
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
ba94d9ad141b3669ef618aa52741e6ca850103ce1c82691f184629f46495c572
bcc0818875baf4cc960baf1a1acacef9a4b2b3092da9d399e56ac8d56ab56dff
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c51c9e2d3dfc833336ad78aae335b536d7b8ea5bf065183b64d23074e88a0fbc
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
c6547b2a8866e61b15cfcefb2ddb03aebe0ce6dd03d9bcbb66b4bb4901407311
c84e3c10e7e6872f1565ed0fcbd34d0e90926ed48b46a882d66f3f81ac40b26d
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
d01126b57f8d337b12203e1ab7fb019f19aa0fb7cac9bd6642cdc41ac524b8ec
d442738e26dbda3bd17b78c2d1371d7572023189cce795d13359a3a337aff8af
d7f660744b45625e29c4f7b1a5cb8236f688ccf101f14a597f6e2abefa267349
d9bbbfdaa50913a1ff05a4320913fc373fea308140eeb4358ba64c0b6e35a756
db09c249b269044d9d7958f1c465546e8f7586f321bdb1b89a2ce19a682c0f2f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
deb60f2899be4d34c9856f8493a44b1a0450b5d78db716c34a3a7b17c462a291
df6c2ea36d19df815f500fac864bfb1a990faaccb29098b0f565c200fae2464a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4328db66139f0cb514c6b497dacd62b839692dbe739980c3d9b9934e816938f
e432b5ad48c1acacf7359218e84c15a30768307b293f70b50a2b2891c312733c
e63f8356e282400d9814a366eee07301b2240b4786c519cd01b175f84e65a681
e6d52fb9d798bb53b7b50602d6c2bb5c057745e9ec8d43772118b37115a34288
e7cee0a0eb35e96c9a23a587db0ae9e57a4d440d42ce34a686dbeb5c3b9ee3d2
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee5636802d3b59edb8068a7ec377ad4e3287900b24cb4378eb7dba08a6c0d268
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f39ed000f48107a0f85fb4c790e04d8eda262505871cd41f7795b86d0e95ae34
f51ac72ea1099d1a4d64b06b96a521debb8b4cc983645de6788c67b168884de8
f54c2e8bda3af801a52d3b580e982f4317166bc8a79486b88b69647a1e7e6246
f6beec22bca198800dd6bc803745b04a5572c5a960f031ef9079986a5a06c347
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f81fafb66225e1363d488149050f651f1a51501deda76278b4911e90d85c4ff3
f952d40de50ee68414a8454d93b85fa326a029b3cd7d070bc19a206e15702924
faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d
fc40eab34ac4423ba9c0ec3ec231e8f0bd430bdd382232d444a165bb5bcb3e49