www.ntd.com Open in urlscan Pro
2606:4700::6812:181e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnews.to/china-cyber-spying-us
Effective URL:
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Submission Tags: falconsandbox
Submission: On February 07 via api (February 7th 2024, 9:02:39 am UTC) from US — Scanned from DE

Summary HTTP 163 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 45 IPs in 9 countries across 33 domains to perform 163 HTTP transactions. The main IP is 2606:4700::6812:181e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ntd.com. The Cisco Umbrella rank of the primary domain is 796762.
TLS certificate: Issued by E1 on February 3rd 2024. Valid for: 3 months.

This is the only time www.ntd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:c7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2606:4700::68... 2606:4700::6812:181e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.19.11.183 2.19.11.183	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.107.251.162 34.107.251.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
12	136.243.66.182 136.243.66.182	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
2	34.120.97.157 34.120.97.157	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	34.110.129.224 34.110.129.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	52.92.202.56 52.92.202.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	18.245.47.29 18.245.47.29	16509 (AMAZON-02) (AMAZON-02)
1	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.225.106.11 34.225.106.11	14618 (AMAZON-AES) (AMAZON-AES)
4	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	4.7.168.74 4.7.168.74	3356 (LEVEL3) (LEVEL3)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	2606:4700:303... 2606:4700:3038::6815:ea44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200d	27630 (AS-XFERNET) (AS-XFERNET)
3	82.148.14.195 82.148.14.195	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2600:9000:225... 2600:9000:225e:9800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:27a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:730... 2600:1f18:730:b130:4cec:7307:b1fe:db9b	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.207.120 18.214.207.120	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	52.88.227.35 52.88.227.35	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:c200:e:291c:8fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	52.48.107.219 52.48.107.219	16509 (AMAZON-02) (AMAZON-02)
1 1	3.219.136.225 3.219.136.225	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
163	45

1 2606:4700:3034::ac43:c7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tnews.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700::6812:181e (United States)

ASN13335 (CLOUDFLARENET, US)

www.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.19.11.183 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-11-183.deploy.static.akamaitechnologies.com

i.ntd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.251.162 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.251.107.34.bc.googleusercontent.com

subs.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 136.243.66.182 (Cologne, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mixi.media

mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static7.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static6.mixi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.97.157 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 157.97.120.34.bc.googleusercontent.com

sc.youmaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.110.129.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.129.110.34.bc.googleusercontent.com

pwe.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.202.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.106.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-106-11.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.7.168.74 (Hazleton, United States)

ASN3356 (LEVEL3, US)

ea.epochbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea44 (United States)

ASN13335 (CLOUDFLARENET, US)

mixproxy.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.epoch.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200d (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.148.14.195 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel25.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:27a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.remarketstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:932 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4cec:7307:b1fe:db9b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.207.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-207-120.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.227.35 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-227-35.us-west-2.compute.amazonaws.com

a.usbrowserspeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:c200:e:291c:8fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.trovo-tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.107.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-107-219.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.136.225 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-136-225.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	ntd.com www.ntd.com — Cisco Umbrella Rank: 796762 i.ntd.com — Cisco Umbrella Rank: 825979	1 MB
16	epochbase.com subs.epochbase.com — Cisco Umbrella Rank: 354376 pwe.epochbase.com — Cisco Umbrella Rank: 86252 ea.epochbase.com — Cisco Umbrella Rank: 85770	146 KB
12	mixi.media mixi.media — Cisco Umbrella Rank: 50477 static.mixi.media — Cisco Umbrella Rank: 95304 stat.mixi.media — Cisco Umbrella Rank: 62771 static7.mixi.media — Cisco Umbrella Rank: 90005 static1.mixi.media — Cisco Umbrella Rank: 108959 static6.mixi.media — Cisco Umbrella Rank: 101144	458 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	653 KB
9	adnxs.com 2 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1859 ib.adnxs.com — Cisco Umbrella Rank: 253 acdn.adnxs.com — Cisco Umbrella Rank: 598	40 KB
8	clickcertain.com 4 redirects a.clickcertain.com — Cisco Umbrella Rank: 5981	6 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	158 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	77 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477	14 KB
4	liadm.com 2 redirects b-code.liadm.com — Cisco Umbrella Rank: 3215 rp.liadm.com — Cisco Umbrella Rank: 1497 rp4.liadm.com — Cisco Umbrella Rank: 7027 i.liadm.com — Cisco Umbrella Rank: 550	17 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 707	815 B
3	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	434 B
3	stat.media stat.media — Cisco Umbrella Rank: 37327	1 KB
3	epoch.cloud mixproxy.epoch.cloud — Cisco Umbrella Rank: 83178 cdn.epoch.cloud — Cisco Umbrella Rank: 110333	176 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	137 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	237 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644	3 KB
2	trovo-tag.com tag.trovo-tag.com — Cisco Umbrella Rank: 45805	2 KB
2	usbrowserspeed.com 1 redirects a.usbrowserspeed.com — Cisco Umbrella Rank: 6074	419 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	remarketstats.com 1 redirects a.remarketstats.com — Cisco Umbrella Rank: 41881	1 KB
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 478	849 B
2	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 5105	779 B
2	youmaker.com sc.youmaker.com — Cisco Umbrella Rank: 100345	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	69 KB
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 976	445 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 1917	104 B
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	amazonaws.com s3-us-west-2.amazonaws.com	60 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	29 KB
1	tnews.to 1 redirects tnews.to	844 B
0	Failed function sub() { [native code] }. Failed
163	33

	Domain	Requested by
41	www.ntd.com	www.ntd.com
11	pwe.epochbase.com	www.ntd.com
10	i.ntd.com	www.ntd.com
8	a.clickcertain.com	4 redirects a.remarketstats.com a.clickcertain.com
6	fonts.gstatic.com	www.google.com www.ntd.com fonts.googleapis.com
6	ib.adnxs.com	2 redirects i.ntd.com
4	static7.mixi.media	www.ntd.com
4	ea.epochbase.com	www.ntd.com
4	onetag-sys.com	i.ntd.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	c.amazon-adsystem.com	www.ntd.com c.amazon-adsystem.com
4	www.google.com	www.ntd.com www.gstatic.com www.google.com
3	match.prod.bidr.io	1 redirects a.clickcertain.com tag.trovo-tag.com
3	stat.media	stat.mixi.media
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	www.ntd.com www.googletagmanager.com
3	mixi.media	www.ntd.com static.mixi.media
2	acdn.adnxs.com	i.ntd.com
2	js-sec.indexww.com	i.ntd.com
2	eus.rubiconproject.com	i.ntd.com eus.rubiconproject.com
2	tag.trovo-tag.com	a.clickcertain.com tag.trovo-tag.com
2	a.usbrowserspeed.com	1 redirects tag.trovo-tag.com
2	pixel.tapad.com	2 redirects
2	cdn.epoch.cloud
2	a.remarketstats.com	1 redirects tag.trovo-tag.com
2	htlb.casalemedia.com	i.ntd.com
2	fastlane.rubiconproject.com	i.ntd.com
2	exchange.postrelease.com	i.ntd.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	static.mixi.media	mixi.media www.ntd.com
2	sc.youmaker.com	www.ntd.com
2	www.youtube.com	www.ntd.com www.youtube.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.g.doubleclick.net	a.clickcertain.com
1	i.liadm.com	1 redirects
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	sync.go.sonobi.com	www.ntd.com
1	static6.mixi.media	www.ntd.com
1	static1.mixi.media	www.ntd.com
1	fonts.googleapis.com
1	mixproxy.epoch.cloud	pwe.epochbase.com
1	prebid-match.dotomi.com	www.ntd.com
1	prebid.adnxs.com	i.ntd.com
1	stat.mixi.media	mixi.media
1	www.google.de	www.ntd.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	s3-us-west-2.amazonaws.com	www.ntd.com
1	www.googletagservices.com	www.ntd.com
1	subs.epochbase.com	www.ntd.com
1	tnews.to	1 redirects
0	https Failed	www.ntd.com
163	56

This site contains links to these domains. Also see Links.

Domain
donate.ntd.com
mixi.media
help.ntd.com

Subject Issuer	Validity	Valid
ntd.com E1	`2024-02-03` - `2024-05-03`	3 months	crt.sh
i.ntd.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.epochbase.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-15` - `2025-02-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
mixi.media R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.youmaker.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-18` - `2024-07-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-01-23` - `2024-12-31`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
static.mixi.media R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
stat.mixi.media R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2023-05-31` - `2024-06-30`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
epoch.cloud GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
stat.media R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
trovo-tag.com Amazon RSA 2048 M02	`2023-04-08` - `2024-05-07`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
a.usbrowserspeed.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-29`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M03	`2023-11-28` - `2024-12-26`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Frame ID: BF9F3B10ABCC50D367ED1C6F5ED9530D
Requests: 138 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&badge=bottomright&cb=eduoxz6nx506
Frame ID: 4129FFC7A530834E4ADA7B29ED79A030
Requests: 8 HTTP requests in this frame

Frame: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Frame ID: 9E33226A4EEBE44861AFDFF2200CDBE6
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1707296554265
Frame ID: 4DD6CCCB4A15C075E423480FD305F298
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 17F0989B5244EB2F9BC1EB6F4F0E9407
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 41C399388F2FD1B383A49F4B48B78B8D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3CAF4369746E7CDF5EEF9B1D6B95918B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BB1339995220CA9471618FB3E4A6214A
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1707296554265
Frame ID: F0C0800C3AAF0563A409E9EACB301E7B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BCE66521679AF98459B3E56760D0D24A
Requests: 1 HTTP requests in this frame

Frame: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2455d1796b86efb%26ccid%3D83a8e440-0014-4878-9040-4e1f8b893904%26cn%3DDE%26rid%3D33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&ref=&v=js-0.1.0&aid=193f0456&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Frame ID: 973FB8A1F083C7CB93CA9D4D718B6202
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Critical Entities Targeted in Suspected Chinese Cyber Spying | NTDcommentcommentcommentcommentcommentcomment

Page URL History Show full URLs

https://tnews.to/china-cyber-spying-us HTTP 307
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

163
Requests

93 %
HTTPS

46 %
IPv6

33
Domains

56
Subdomains

45
IPs

9
Countries

3848 kB
Transfer

8414 kB
Size

39
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.ntd.com/
Title: Support US

Search URL Search Domain Scan URL

URL: https://mixi.media/

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14178185&bl=95162&ct=adpreview&st=46&nvuuid=475773c1-2a89-ba33-6500-000dc3d8013e&bvuuid=9fa665f5-7390-4a98-b81b-f9fd083844f8&rnd=222216499&ag=25&ev=H4sIAAAAAAAA_-OS6Fz_kO3h3i62J-sesv3eupttNZD_8_V9NgB-5F-nGgAAAA&suid=CiRmNGJhYTAyZS0yYmJkLTQ2NTUtOWM4ZS0zNDJkOTAwNTQ3NGYSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=12754657&bl=95162&ct=adpreview&st=46&nvuuid=479e7338-2ae1-ba84-6500-004bc3c201b3&bvuuid=9fa665f5-7390-4a98-b81b-f9fd083844f8&rnd=1270036612&ag=25&ev=H4sIAAAAAAAA_-OS6Fz_kO3h3i62J-sesv3eupttNZD_8_V9NgB-5F-nGgAAAA&suid=CiRmNGJhYTAyZS0yYmJkLTQ2NTUtOWM4ZS0zNDJkOTAwNTQ3NGYSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14178148&bl=95162&ct=adpreview&st=46&nvuuid=475773ba-2a64-baff-6500-0063c3d801d3&bvuuid=9fa665f5-7390-4a98-b81b-f9fd083844f8&rnd=1674820351&ag=25&ev=H4sIAAAAAAAA_-OS6Fz_kO3h3i62J-sesv3eupttNZD_8_V9NgB-5F-nGgAAAA&suid=CiRmNGJhYTAyZS0yYmJkLTQ2NTUtOWM4ZS0zNDJkOTAwNTQ3NGYSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=13556475&bl=95162&ct=adpreview&st=46&nvuuid=47da739f-2afb-baae-6500-000cc3ce018e&bvuuid=9fa665f5-7390-4a98-b81b-f9fd083844f8&rnd=210673582&ag=25&ev=H4sIAAAAAAAA_-OS6Fz_kO3h3i62J-sesv3eupttNZD_8_V9NgB-5F-nGgAAAA&suid=CiRmNGJhYTAyZS0yYmJkLTQ2NTUtOWM4ZS0zNDJkOTAwNTQ3NGYSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14178219&bl=95162&ct=adpreview&st=46&nvuuid=4757737d-2aab-ba2f-6500-0065c3d80120&bvuuid=9fa665f5-7390-4a98-b81b-f9fd083844f8&rnd=1696628015&ag=25&ev=H4sIAAAAAAAA_-OS6Fz_kO3h3i62J-sesv3eupttNZD_8_V9NgB-5F-nGgAAAA&suid=CiRmNGJhYTAyZS0yYmJkLTQ2NTUtOWM4ZS0zNDJkOTAwNTQ3NGYSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://mixi.media/newdata/news?ad=14153209&bl=95162&ct=adpreview&st=46&nvuuid=47f57375-2af9-ba2a-6500-004bc3d701e6&bvuuid=9fa665f5-7390-4a98-b81b-f9fd083844f8&rnd=1273394474&ag=25&ev=H4sIAAAAAAAA_-OS6Fz_kO3h3i62J-sesv3eupttNZD_8_V9NgB-5F-nGgAAAA&suid=CiRmNGJhYTAyZS0yYmJkLTQ2NTUtOWM4ZS0zNDJkOTAwNTQ3NGYSC3d3dy5udGQuY29t

Search URL Search Domain Scan URL

URL: https://help.ntd.com/hc/en-us
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnews.to/china-cyber-spying-us HTTP 307
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html HTTP 302
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html HTTP 302
https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095

Request Chain 146

https://rp.liadm.com/j?dtstmp=1707296555315&se=e30&duid=33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93&tv=v2.13.0&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&wpn=lc-bundle&cd=.ntd.com HTTP 302
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93&cd=.ntd.com&dtstmp=1707296555315&tv=v2.13.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEx

Request Chain 148

https://a.clickcertain.com/px/ta/?ccid=83a8e440-0014-4878-9040-4e1f8b893904 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=83a8e440-0014-4878-9040-4e1f8b893904&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=83a8e440-0014-4878-9040-4e1f8b893904&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d HTTP 302
https://a.clickcertain.com/px/ta/?done=true&ta_id=19e1277a-3f7c-41ba-8044-a0e24bc0c9b0

Request Chain 149

https://a.usbrowserspeed.com/cs?puid=071f8e66-8c00-5555-88bf-7ec66d7b9530&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d33fc63b9%2da7e0%2d49f9%2d9b01%2d1d8bbb97a095%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP 302
https://a.clickcertain.com/px/t/?done=true&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&uid=8b675dc8-cdc6-4730-95b1-161ab7e82211&hem=

Request Chain 151

https://match.prod.bidr.io/cookie-sync/fivebyfive HTTP 303
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Request Chain 152

https://a.clickcertain.com/px/r/?ccid=83a8e440-0014-4878-9040-4e1f8b893904 HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=83a8e440-0014-4878-9040-4e1f8b893904&ccid=83a8e440-0014-4878-9040-4e1f8b893904&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d83a8e440%25252d0014%25252d4878%25252d9040%25252d4e1f8b893904%252526anx_uId%25253d%252524UID HTTP 303
https://a.clickcertain.com/px/li/?ccid=83a8e440-0014-4878-9040-4e1f8b893904&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d83a8e440%25252d0014%25252d4878%25252d9040%25252d4e1f8b893904%252526anx_uId%25253d%252524UID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d83a8e440%2d0014%2d4878%2d9040%2d4e1f8b893904%26anx_uId%3d%24UID

Request Chain 161

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 162

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

163 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Show response
www.ntd.com/
Redirect Chain

https://tnews.to/china-cyber-spying-us
https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

131 KB
23 KB

722ms
659ms

Document
text/html

2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

175136d89325e246eec63851015f112bb4722ed027169bc6a493e86966aca5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 851a745aeab34dc5-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 09:02:32 GMT
expires: Wed, 07 Feb 2024 13:02:32 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nextjs-cache: STALE
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 851a7455bc4d90dc-FRA
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 09:02:32 GMT
expires: Mon, 07 Jul 1777 07:07:07 GMT
location: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK%2FUGl35dO6lLb%2F8PDv6zkKBF%2F7fSSpPy8gFgGF7Wn0hPnCrP7F3WQzQs%2B5ZIosRYwVFuyf5b7eT%2FkyD2s06xLUG05OYkMxqjFSLqkD946SRxckNCiCCdvx88C7cN5oCbA13%2FSMbKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
x-redirect-powered-by: Pretty Link Pro Developer 3.6.3 http://prettylink.com
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK New-York-City-subway--900x506.jpg
i.ntd.com/assets/uploads/external/2021/06/ 348 KB
349 KB 935ms
809ms Image
image/jpeg 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/external/2021/06/New-York-City-subway--900x506.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c86b556ac2f34973af6a37e88359b5e7256c2020623aba8fc139b48b621279b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 356500
Last-Modified: Mon, 07 Nov 2022 14:44:18 GMT
Server: nginx
ETag: "636919c2-57094"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31535983
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Thu, 06 Feb 2025 09:02:16 GMT

GET
H/1.1 200
OK ntd-logo-comment.png
i.ntd.com/assets/themes/ntd/images/ 35 KB
36 KB 149ms
27ms Image
image/png 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/ntd-logo-comment.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:32 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 35679
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-8b5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29932229
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Expires: Sat, 18 Jan 2025 19:33:01 GMT

GET
H2 200 template.css
subs.epochbase.com/lib/ 4 KB
1 KB 199ms
132ms Stylesheet
text/css 34.107.251.162
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://subs.epochbase.com/lib/template.css
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.251.162 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 162.251.107.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 7ba241a9f560ed19ea6cf9b763bd7c1a2120d7b13f0387f758f96138d19e7942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 12 Jan 2024 01:01:13 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
expires: Wed, 07 Feb 2024 10:02:32 GMT

GET
H2 200 6e0e087fd8d38d29.css
www.ntd.com/_next/static/css/ 168 KB
48 KB 644ms
643ms Stylesheet
text/css 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/6e0e087fd8d38d29.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780a0e8440d24f4505731e17905d4b31f0f2008a36c081fc02877cd8afc90a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2a0b0-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f0fd74dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 5bb473991d248c54.css
www.ntd.com/_next/static/css/ 23 KB
5 KB 504ms
503ms Stylesheet
text/css 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5cf7-18d57599c54"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f0fd84dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 3142a792e382aafb.css
www.ntd.com/_next/static/css/ 15 KB
3 KB 495ms
495ms Stylesheet
text/css 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/css/3142a792e382aafb.css

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"3db9-18d57599c59"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f0fd94dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 30418f44-85d0cd07c9902eeb.js Show response
www.ntd.com/_next/static/chunks/ 680 KB
185 KB 651ms
647ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"a9f15-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ff34dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 2116-9ae6cf7826be2d15.js Show response
www.ntd.com/_next/static/chunks/ 10 KB
4 KB 492ms
489ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2116-9ae6cf7826be2d15.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0936c5c9a81e22635143fda4ba88273a67759ee800878b2ba8ce42f9c381f62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"27cc-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ff54dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 663.b97456ed77acb23c.js Show response
www.ntd.com/_next/static/chunks/ 10 KB
4 KB 494ms
491ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/663.b97456ed77acb23c.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f144249af8ea4133d488adbe4aee126575141b21e63c5ee5242a5a19c1855b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2823-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ff74dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 563.44233f0951680e71.js Show response
www.ntd.com/_next/static/chunks/ 12 KB
5 KB 497ms
494ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/563.44233f0951680e71.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6de355eccfa973ac4534a3907eab52b0404a94f4b232997fe48df199a511461

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"2f87-18d57599c59"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ff84dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 webpack-8693d3fcd266f64a.js Show response
www.ntd.com/_next/static/chunks/ 6 KB
3 KB 496ms
493ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/webpack-8693d3fcd266f64a.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95592d82a95024026b81d400ce04a7e9e52eaecae3ebd7fbfde51a8820d9595e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"193a-18d57599c57"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ff94dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
www.ntd.com/_next/static/chunks/ 127 KB
41 KB 659ms
657ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/framework-79bce4a3a540b080.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1fbd2-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ffa4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 main-9f9ad50cce646180.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
34 KB 660ms
658ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1ce12-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ffb4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 _app-6edef8c4a05febf4.js Show response
www.ntd.com/_next/static/chunks/pages/ 322 KB
97 KB 649ms
647ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

007ad0e05b52ceb6b842c38f085d0d6c6e88dc59a8553c97e9a33c8d598e167d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"50963-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2ffd4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 2373-7460ee92f1267c41.js Show response
www.ntd.com/_next/static/chunks/ 116 KB
41 KB 652ms
650ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2373-7460ee92f1267c41.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1d099-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f2fff4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 2962-a4df57f83cf7a4f7.js Show response
www.ntd.com/_next/static/chunks/ 17 KB
5 KB 497ms
495ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/2962-a4df57f83cf7a4f7.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"4442-18d57599c5b"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28004dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 1276-37f5982c5d642883.js Show response
www.ntd.com/_next/static/chunks/ 75 KB
22 KB 650ms
648ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1276-37f5982c5d642883.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b48c9bae88b131f13bfc887d29eab2624cbc76b9f52ee4dbfa526bdea4f3ca3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"12aeb-18d57599c5b"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28024dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 1294-07c25a588fe87df1.js Show response
www.ntd.com/_next/static/chunks/ 14 KB
5 KB 513ms
512ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1294-07c25a588fe87df1.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

624f897565301dfadf2dc5f82b316a38978803afddd43192f77249eec041d13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"391a-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28034dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 1335-62db32bca98fac91.js Show response
www.ntd.com/_next/static/chunks/ 128 KB
17 KB 655ms
654ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1335-62db32bca98fac91.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1744de03c297908b7c72489f535271d32f6268760dd7e7e5eb4782a93bc8f825

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"20151-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28044dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 39-e693c02de40de378.js Show response
www.ntd.com/_next/static/chunks/ 13 KB
4 KB 510ms
509ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/39-e693c02de40de378.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de523e97a88472a3647697b04dc64876c12b073e3a0f281ab7f42cdc7d3a8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"34ae-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28064dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 6674-225ab7197f71512c.js Show response
www.ntd.com/_next/static/chunks/ 7 KB
2 KB 498ms
497ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/6674-225ab7197f71512c.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d531fa8daaca8f5072568bf15fec5c140428fec7078d1cb5d4110c06d44eea1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1a7a-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28084dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 1601-e16e404666ee2e1f.js Show response
www.ntd.com/_next/static/chunks/ 9 KB
2 KB 497ms
496ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/1601-e16e404666ee2e1f.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"22bf-18d57599c5c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f280a4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 %5Burl%5D-8ba24cd43cdc2122.js Show response
www.ntd.com/_next/static/chunks/pages/ 22 KB
7 KB 508ms
507ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-8ba24cd43cdc2122.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f185d5e1f3ff326d44c1783d5761c23581a6e541c33a28115b266fc2aa4ebd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5851-18d57599c54"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f280c4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 _buildManifest.js Show response
www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/ 4 KB
2 KB 499ms
498ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/_buildManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c329933b45a665763f3fb0e24e79c2b08b99721c103788d5da7f80e57c2b3f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"1095-18d57599c52"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f280d4dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H2 200 _ssgManifest.js Show response
www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/ 598 B
329 B 503ms
502ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/90a22ab055efed4b2e7e723831b722adadb95fb2/_ssgManifest.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:32:05 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"256-18d5759e5c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a745f28104dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:33 GMT

GET
H/1.1 200
OK NTDLogo.svg
i.ntd.com/assets/themes/ntd/images/ 660 B
1 KB 183ms
46ms Image
image/svg+xml 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/themes/ntd/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:32 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 660
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-294"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=29432615
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NTDLogo.svg
www.ntd.com/images/ 660 B
622 B 490ms
490ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTDLogo.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"294-18a84a34dab"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 851a74640e984dc5-FRA
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 footer-app-logo.png
www.ntd.com/images/ 73 KB
73 KB 643ms
643ms Image
image/png 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/footer-app-logo.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 74494
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
etag: W/"122fe-18a84a34db2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a74640e9d4dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 NTD_BackToTop.svg
www.ntd.com/images/ 2 KB
1003 B 489ms
489ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/NTD_BackToTop.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/css/5bb473991d248c54.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/_next/static/css/5bb473991d248c54.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"7d6-18a84a25fec"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 851a74640e9e4dc5-FRA
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7745e700cc600e8ad111cc9d752e7e5d888201979efeaba26155a49cb5865826

Request headers

Referer
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET Pulse-Secure-smartphone-app-1200x761.jpg
https//i.ntd.com/assets/uploads/2021/06/ 0
0

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 83ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/30418f44-85d0cd07c9902eeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

276af2b9ae1b1daae8bcd2166ed84ad35f28c870cc050e31afa80b309c0faf50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 07 Feb 2024 09:02:33 GMT

GET
H2 200 8735.d0b957bfa55e8687.js Show response
www.ntd.com/_next/static/chunks/ 44 KB
15 KB 643ms
643ms Script
application/javascript 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/_next/static/chunks/8735.d0b957bfa55e8687.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/webpack-8693d3fcd266f64a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
last-modified: Mon, 29 Jan 2024 22:31:47 GMT
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"af73-18d57599c5a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851a746588b04dc5-FRA
x-xss-protection: 1; mode=block
expires: Thu, 06 Feb 2025 09:02:34 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 75ms
29ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/%5Burl%5D-8ba24cd43cdc2122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71a05dadb62a7a68a46b74551d7e8ff9020d593dfd0a3a1f5066d26f827fdcc6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 09:02:33 GMT

GET
H/1.1 200 95162.js Show response
mixi.media/data/js/ 5 KB
2 KB 165ms
101ms Script
application/javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/data/js/95162.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/563.44233f0951680e71.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: d52da8a6f310751e4cf39f7f7f8b17dc40189460925bc2257ca1a6473314d34f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 09:02:33 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 07-Feb-2024 09:02:33 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
95 KB 112ms
65ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/main-9f9ad50cce646180.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97b26e91db72b10e88ce8f58cdbdc74e1d0cacad506420b780cc149f16f9e30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 09:02:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
47 KB 83ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a142191bcbf06864135111a9e41910aa1d6d57835727db059cb4707bc0cda18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 09:02:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
29 KB 117ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95c19d24ecaae581c3b73f7b05a6e7216eff031a30d6d3dc8b1ddfb79464f7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29483
x-xss-protection: 0
server: cafe
etag: 655 / 19760 / m202402010101 / config-hash: 16350884531949761647
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 09:02:33 GMT

GET
H/1.1 200
OK prebid.js Show response
i.ntd.com/assets/themes/m-ntd/js/ads/ 275 KB
276 KB 34ms
34ms Script
application/javascript 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 281947
Pragma: no-cache
Last-Modified: Fri, 14 Oct 2022 17:48:55 GMT
Server: nginx
ETag: "6349a107-44d5b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30948362
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 286 KB
71 KB 90ms
21ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 08:14:35 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2879
x-amz-server-side-encryption: AES256
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: YYC3S7IVLqe6ZglHAHORkcKFF5U2MV9Yh50Etq-gsyb9PcZJ1aXjXw==

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 1 KB
204 B 556ms
556ms Fetch
application/json 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/39-e693c02de40de378.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733280112269b0203940d0f0432c1a743acdc5069e4ad2abefba214daf961ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 851a746598dd4dc5-FRA
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 664 B
855 B 220ms
133ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=627894,971314,971329,971392,971334,971384,971356,971446,971351,971443&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 44fb32e9fdb8cb192f8a0234b42ba9736f372098edf7b65b59b2e46222b0adf1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664

POST
H2 200 getcounts Show response
www.ntd.com/v1/api/video/ 50 B
181 B 847ms
847ms Fetch
application/json 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/v1/api/video/getcounts

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/663.b97456ed77acb23c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ee9be11b0706589bc08ded04ee90229d7451a6b823dbe533dfc4f9530fdd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-encoding: gzip
server: cloudflare
cf-cache-status: DYNAMIC
vary: Origin, Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
cf-ray: 851a746598e04dc5-FRA
x-xss-protection: 1; mode=block

POST
H2 200 counts Show response
www.ntd.com/api/v1/ 638 B
430 B 554ms
554ms Fetch
application/json 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ntd.com/api/v1/counts?site=www.ntd.com&post=id

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/39-e693c02de40de378.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23210920e1a9ec06a14f2b84e4ff04ca34844cf767d7d0d195145ed2a953ed92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

expires: Thu, 01 Jan 1970 00:00:00 UTC
date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
author: EMG
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
app-name: remark
access-control-allow-credentials: true
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-robots-tag: noindex
cf-ray: 851a746598e24dc5-FRA
app-version: 0.1.2

GET
H2 200 count Show response
sc.youmaker.com/reaction/share/ 408 B
464 B 221ms
135ms XHR
application/json 34.120.97.157
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.youmaker.com/reaction/share/count?site=www.ntd.com&itemid=970983,971046,971210,971006,971387,971041&token=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.97.157 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 157.97.120.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: ff1577841f8db0bb2b09938df71728b5b1fbbefe089ef0b7a81d392a906e956f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 408

GET
H2 200 geo Show response
pwe.epochbase.com/ 103 B
282 B 186ms
133ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/geo
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: f1cab7d3a4debf5f3e753decc503caf91915c3880b21404f5be461dc61b7bc23

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103

GET
H2 200 default-user.png
www.ntd.com/images/ 3 KB
3 KB 490ms
488ms Image
image/png 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/default-user.png

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 2560
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
etag: W/"a00-18a84a34db0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c91c4dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 share.svg
www.ntd.com/images/ 338 B
319 B 495ms
492ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:25:48 GMT
server: cloudflare
content-encoding: gzip
etag: W/"152-18a84a25ffa"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 851a7465c9234dc5-FRA
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 share_single.svg
www.ntd.com/images/ 388 B
340 B 492ms
490ms Image
image/svg+xml 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/share_single.svg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 11 Sep 2023 14:26:49 GMT
server: cloudflare
content-encoding: gzip
etag: W/"184-18a84a34db8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 851a7465c9254dc5-FRA
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H/1.1 200
OK id971063-Pat-Mahomes.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/02/ 24 KB
25 KB 29ms
27ms Image
image/webp 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/02/id971063-Pat-Mahomes.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

247914240735efa67b4199f728c096b8683f84fcbad7946b88984a3877240c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 24458
Last-Modified: Mon, 05 Feb 2024 19:32:19 GMT
Server: nginx
ETag: "65c137c3-5f8a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31407075
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id971062-Celine-Dion-GettyImages-1986700663.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/02/ 11 KB
12 KB 56ms
26ms Image
image/webp 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/02/id971062-Celine-Dion-GettyImages-1986700663.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

772d800fd82fc19f4ac32c5771511d1246294fc0b8b5a8fdfaf8e538d3ffe180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 11708
Last-Modified: Mon, 05 Feb 2024 19:31:25 GMT
Server: nginx
ETag: "65c1378d-2dbc"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31401366
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id971211-1.download-2.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/02/ 12 KB
12 KB 65ms
28ms Image
image/webp 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/02/id971211-1.download-2.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1a69d8074ff42af97336fe5fc0e8a84758430d00e620f40670138ebba978e78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 12078
Last-Modified: Tue, 06 Feb 2024 14:10:16 GMT
Server: nginx
ETag: "65c23dc8-2f2e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31468925
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id971008-Taylor-Swift.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/02/ 7 KB
8 KB 63ms
32ms Image
image/webp 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/02/id971008-Taylor-Swift.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

090fb501b84c5da363abe0cfe62afd06cc3a2e7c921c21205e557ba0500a6c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 7070
Last-Modified: Mon, 05 Feb 2024 15:43:15 GMT
Server: nginx
ETag: "65c10213-1b9e"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31402266
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id971397-CBS-Radford-Studios.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/02/ 22 KB
23 KB 61ms
31ms Image
image/webp 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/02/id971397-CBS-Radford-Studios.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

443a55fa2af8e7cccd2fb6e1e9a2ab834d7ed770741cd2ef62a41baa08f4d9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 22966
Last-Modified: Tue, 06 Feb 2024 22:35:39 GMT
Server: nginx
ETag: "65c2b43b-59b6"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31500057
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK id971042-King-Charles-III-GettyImages-1963000810.jpg-352x220.webp
i.ntd.com/assets/uploads/2024/02/ 13 KB
14 KB 59ms
33ms Image
image/webp 2.19.11.183
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ntd.com/assets/uploads/2024/02/id971042-King-Charles-III-GettyImages-1963000810.jpg-352x220.webp

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.11.183 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-11-183.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5add86d0621ee43748eab7622c3a87b73da0c4009ec621795f9fb28b9be76562

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
Date: Wed, 07 Feb 2024 09:02:33 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1403547
Content-Length: 13320
Last-Modified: Mon, 05 Feb 2024 18:29:01 GMT
Server: nginx
ETag: "65c128ed-3408"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31398067
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 apple.jpg
www.ntd.com/images/tv-providers/ 8 KB
8 KB 507ms
506ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/apple.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae28b89ed960eddf42f0f3b3b385316516261f125d7cf72bc017f1de285ad80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 8161
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"1fe1-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c9274dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 comcast.jpg
www.ntd.com/images/tv-providers/ 14 KB
14 KB 646ms
644ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/comcast.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46bb48b07c4889dd66816975b21842973900a4d9efc848c98d55622d797686e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 14232
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"3798-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c9294dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 distrotv.jpg
www.ntd.com/images/tv-providers/ 12 KB
12 KB 637ms
635ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/distrotv.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ce58fe5c3f26bc8d99bde76c9b990cf14c34b5e93b53044d52f1abc0d86cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 12604
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"313c-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c92b4dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 firetv.jpg
www.ntd.com/images/tv-providers/ 23 KB
23 KB 642ms
640ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/firetv.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952ed5d34d71ad32b79b34e662884688dafff050260234610cfae209338a0c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 23554
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"5c02-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c92d4dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 frontier.jpg
www.ntd.com/images/tv-providers/ 18 KB
18 KB 647ms
645ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/frontier.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a28855ba32c69182bba018fec0bc991f4ec03d23ac9a86045e4bf9625d48edfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 18644
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"48d4-18d232d1b9f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c92e4dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 roku.jpg
www.ntd.com/images/tv-providers/ 14 KB
14 KB 648ms
647ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/roku.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcf54544f62d9d0e97b9b8a26d424db4f4b98fc4850307978e152990912b1ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 14136
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"3738-18d232d1ba0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c9304dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 sony.jpg
www.ntd.com/images/tv-providers/ 25 KB
25 KB 640ms
639ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/sony.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6fddd8301d32165dd2a28e977c349c59d648dafce7ead0b52743e735a3cd054

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 25253
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"62a5-18d232d1ba0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c9314dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 verizon.jpg
www.ntd.com/images/tv-providers/ 11 KB
11 KB 643ms
642ms Image
image/jpeg 2606:4700::6812:181e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ntd.com/images/tv-providers/verizon.jpg

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:181e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2951eafa26a407dcfe41882deeb7b680df8505f384bbabbe2197446e90d3958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 11487
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Jan 2024 19:22:55 GMT
server: cloudflare
etag: W/"2cdf-18d232d1ba0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 851a7465c9334dc5-FRA
expires: Wed, 07 Feb 2024 13:02:34 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/a1d7d0f8/www-widgetapi.vflset/ 216 KB
67 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a1d7d0f8/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bed34862194969206abb50c773289cfa769f3e34f4a96e6d2c1291b5e87d58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 00:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68450
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 05:17:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Feb 2025 00:38:52 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 493 KB
197 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 18:21:56 GMT

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ 60 KB
60 KB 607ms
204ms Script
application/javascript 52.92.202.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.202.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 280c077b7b1d63c4191f0d19467acc7dba6f60c0e709f912fcc9b59b10f67938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:35 GMT
Last-Modified: Tue, 06 Feb 2024 21:34:05 GMT
Server: AmazonS3
x-amz-request-id: 8KYQXB3MSYX89BJD
ETag: "b4d14723da7a978d01e3483f44c6dede"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 61345
x-amz-id-2: 9kw7wkr4RLRCuZUgFcwUvCEVelrlCSi5YCPx/YQfptI+1LPkaKOsoW8pmb3QB8ztGVCGFut3MaM=
Expires: Thu, 07 Mar 2024 21:34:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
95 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K52XVPF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62acefec08a6c5db3e31bc9000fdac4843acf30c3dad1b9b5f17c13fbaefd38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 09:02:34 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 56ms
20ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 08:37:39 GMT
x-amz-cf-pop: FRA56-P6
age: 8012
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: cEDDMZwPxSuEwIlizmJckXDLlsPhl0RLF8aRAHHfhgIGRSjF1NFauw==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 81ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28595
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 01:05:59 GMT

GET
H2 200 ae51d432-b517-4c68-9f8a-22444acccbb5 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
833 B 818ms
752ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5acf6f0340266263b19e65e650548a5c5fe1e20dbb82e9eceeca1da11e7f681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: tR_stWbXN2gwBmISguvzUV4bWUMxDHkIQSW_dCufKYl7IqhSSmOrJA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 18ms
18ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 05:28:16 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 12858
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: vzWob4xkiOBPaYiPbuuZP8bbwWXGG8PgBwUY5v6fJK2vhpCS3Ows_g==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 18ms
18ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.ntd.com&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 05:28:16 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 12858
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: N3jz3uIA7vlLnBWM9Y1lbc0odI7JVopgak-eRvc1Iz0VQXaTy9wTNw==

GET
H2 200 tracking Show response
pwe.epochbase.com/api/config/ 108 B
187 B 131ms
130ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/config/tracking?siteId=www.ntd.com
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e9d3d7e6cb9ff6ef4db59515e3f42573f7be7106a6b84e226da79f4413224d78

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 69ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2BRDBGYLL0&gtm=45je4250v896365836za200&_p=1707296553848&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=890314820.1707296554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707296554&sct=1&seg=0&dl=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&dt=Critical%20Entities%20Targeted%20in%20Suspected%20Chinese%20Cyber%20Spying%20%7C%20NTD&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1&tfd=2832
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 82ms
28ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2BRDBGYLL0&cid=890314820.1707296554&gtm=45je4250v896365836za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2BRDBGYLL0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 88ms
44ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2BRDBGYLL0&cid=890314820.1707296554&gtm=45je4250v896365836za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1489600580

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jsapi.v5.12.0.en_US.js Show response
static.mixi.media/static/jsapi/ 251 KB
75 KB 109ms
54ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 07:51:02 GMT
Server: nginx
ETag: W/"62455d66-3eabf"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.mixi.media/ 77 KB
28 KB 545ms
374ms Script
application/x-javascript 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.mixi.media/sm.js
Requested by: Host: mixi.media
URL: https://mixi.media/data/js/95162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK miximedia.svg
static.mixi.media/static/adpreview-assets/mixi-media/images/logo/ 6 KB
6 KB 98ms
41ms Image
image/svg+xml 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mixi.media/static/adpreview-assets/mixi-media/images/logo/miximedia.svg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Mon, 30 Sep 2019 14:11:01 GMT
Server: nginx
ETag: "5d920cf5-1849"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6217

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4129 45 KB
28 KB 49ms
48ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&badge=bottomright&cb=eduoxz6nx506

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca2c578b9f6aa5bcb02341841582290fecaf3c6e784edc7f93f470035adccdd1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BOZqMsJUQUX5MR_9oSOnhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BOZqMsJUQUX5MR_9oSOnhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:02:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
353 B 119ms
59ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=ZLTOZE22wdsAu&cb=0&ws=1600x1200&v=24.205.1508&t=2000&slots=%5B%7B%22sd%22%3A%22below_article_ads%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DSc3mY27qcZ_CiYO8bGVgu_37GoCpHKr6AKEwsM3NgNJjcxgWbfLEg==

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 638 B
747 B 139ms
35ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: f90338473cb76d2ea048cf525b2b2b42208ac2d559ec801976e3e002747eb5fc

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 09:02:34 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
389 B 376ms
113ms XHR
application/json 34.225.106.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_rid=530ea5f2d07083&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYmVsb3dfYXJ0aWNsZV9hZHMiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzM2LDI4MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MH0=&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.106.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-106-11.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
408 B 73ms
19ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ntd.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 586 B
1 KB 144ms
66ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_article_below_end_336&tk_flint=pbjs_lite_v6.23.0&x_source.tid=a1b8bbdf-df10-4634-a8c0-616ae9ad0e22&l_pb_bid_id=102974a571c2079&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_article_below_end_336&slots=1&rand=0.3344266670385163
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 648714169a4704f5a776742a1bab68fc0ec75c1259bc96010cbbbbda261f2a58

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 586
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
541 B 127ms
67ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360724&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211131dd37bccb11%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22127df0c48f335f6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360724%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_article_below_end_336%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a0107d9b73aca4549294993dde09523f98df2c6b05e8bf6edc7db8219ba094

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXtZ6Bv45Sa1CUfv7hiBXUhAnSXS0BE2rHic%2BRQj58QcP6TDNwERAr3b%2BpUhQ5YJpmchbH7oTM0ChwFi7UFJ0nsbSpxzRn9F55B45hUd8pWYMo4Fn8kZYauIcNaZ2mFtf4jkdATc"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 851a74682bde58de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
826 B 130ms
56ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

9179d1ad2f7a8d7cae03165f76a80f6145cbf9b2250ac368b4ea52fed2d6ced3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
an-x-request-uuid: 22f245f1-f1f4-451c-8c5d-04ba9818c879
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
351 B 110ms
62ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&pid=ZLTOZE22wdsAu&cb=1&ws=1600x1200&v=24.205.1508&t=2000&slots=%5B%7B%22sd%22%3A%22sidebar_ads_right_top_300_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:33 GMT
via: 1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bW-PumsaA7cN9EJyer1KuIn_PjtQWPosiORckOWHfAMqO1fm07LeEg==

POST auction
prebid.adnxs.com/pbs/v1/openrtb2/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
407 B 67ms
20ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.ntd.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
827 B 113ms
45ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

fac2c480b9391a7217a606eb23d7d6b6d5794d4041c622b209287dc634ae64b5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
an-x-request-uuid: 51452a31-6f40-4b8a-ad9f-f9bb844fe5aa
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ntd.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 554 B
892 B 138ms
67ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&rf=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tg_i.ref=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tg_i.page=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&tg_i.domain=ntd.com&tg_i.pbadslot=%2F5965368%2Fntd.tv_336x280-3&tk_flint=pbjs_lite_v6.23.0&x_source.tid=aa2cbc99-f797-46f4-8fec-f80a70d98f87&l_pb_bid_id=25984b966342ab6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5965368%2Fntd.tv_336x280-3&slots=1&rand=0.3610017574871107
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 98dde6fd7859800b0babdf97b77352053b9e180595d2f2dd57ab6d3be2669354

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 554
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
390 B 366ms
113ms XHR
application/json 34.225.106.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_rid=26969c3f72fb90a&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XX0=&ntv_dbr=eyJiZWxvd19hcnRpY2xlX2FkcyI6MCwic2lkZWJhcl9hZHNfcmlnaHRfdG9wXzMwMF8xIjowfQ==&ntv_url=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.106.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-106-11.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.ntd.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
308 B 123ms
70ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360713&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222891ed73b4e6953%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html%22%2C%22domain%22%3A%22ntd.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ntd.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229f69d8f74e5f26%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%2C%22gpid%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%7D%7D
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea1400623ee89c9527e94d9e814f2df0cbc500f1c45dc1d3945ec7bf25cd21a

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuytR48EEqBQ5an1xfrgIyD4z5ty34kSS7TvlD22tezo429udj4CSSWzp0ILdXpjv7k4vjKTkKy1W73DHGngxoR21MW9GMghCLgkqj%2BBGLfskiCvLEMskfSaT9FZGt%2FZYbCVfZEB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.ntd.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 851a74682be258de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 5965368 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 95ms
52ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5965368?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4544257c14ecf2d28f2162c38798bc7e4fd73d59b7aefc8beccdebfbf5676c25

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4jGcTFoY_4u8Md4Goz0CMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4jGcTFoY_4u8Md4Goz0CMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNwzsIQWEYBuBzvnxCklhcyiRhMpqVMhiYjiSTkjLbMBmZ1P8PNhvFYjAYjAa5THIZLK7J4jJg8D71mEZq0ORSon6XMtlsaYHzyI5WuPQeaI1l5Ug13GtHOmPIf6Iwqr8zGfH-vJDhdSEH-vDuvNIbh_GY7qYJ1qcEZyuCi2jpCQ70BQ-mgkeYOQnOYZsld7GZlNzCSF5yAh8FyV-MVyWnsbSdcQXtnjm70WY2dBr1nt46_ixr6h_e6lWN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mixpanel-2.48.1.min.js Show response
pwe.epochbase.com/libs/ 52 KB
18 KB 169ms
132ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 15 Dec 2023 22:33:10 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 10:02:34 GMT

GET
H3 200 template Show response
pwe.epochbase.com/api/ 1 KB
676 B 133ms
133ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-navbar
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 c Show response
ea.epochbase.com/api2/pw/ 0
309 B 1113ms
1113ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

pragma: public
date: Wed, 07 Feb 2024 09:02:35 GMT
server: nginx/1.20.1
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3600, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Wed, 07 Feb 2024 10:02:35 GMT

GET
H3 200 data Show response
pwe.epochbase.com/api/flow/ 5 KB
1017 B 131ms
131ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/data?siteId=www.ntd.com&flowId=live-ntd
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 92afa134a96be4e90c9cd070737d84092d67f1340152a9c80ee4ee505ba968c5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200 jsapi Show response
mixi.media/newdata/ 8 KB
3 KB 319ms
318ms XHR
application/json 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mixi.media/newdata/jsapi?action=news
Requested by: Host: static.mixi.media
URL: https://static.mixi.media/static/jsapi/jsapi.v5.12.0.en_US.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: f65f7f1257f3c6c35f32ce68fe9fdb69a317c08a735fa2647940b31c3e80aba8

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 09:02:34 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 07-Feb-2024 09:02:34 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.ntd.com
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Node: ads5-3sselp11

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 4129 55 KB
24 KB 57ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&badge=bottomright&cb=eduoxz6nx506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 17:09:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 4129 493 KB
196 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 18:21:56 GMT

OPTIONS
H2 200 c
ea.epochbase.com/api2/pw/ Frame 0
0 352ms
113ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=pi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type,Authorization
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
cache-control: max-age=3600 public
content-length: 0
date: Wed, 07 Feb 2024 09:02:34 GMT
expires: Wed, 07 Feb 2024 10:02:34 GMT
pragma: public
server: nginx/1.20.1

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 244ms
116ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 AGSKWxX3bWvp0tcZTwgFkwpdpWa7aYmLwD7fyXk90BqFPQZDgRXFE669CDbzTDPx_0L-l2KfD35oj32Aiv9hE9urTdl2OPM04nULI5BY8ar-R_LfZWVLRfnm182iLN44ufVHnK-EBuFUBg== Show response
fundingchoicesmessages.google.com/f/ 399 KB
61 KB 148ms
148ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX3bWvp0tcZTwgFkwpdpWa7aYmLwD7fyXk90BqFPQZDgRXFE669CDbzTDPx_0L-l2KfD35oj32Aiv9hE9urTdl2OPM04nULI5BY8ar-R_LfZWVLRfnm182iLN44ufVHnK-EBuFUBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3Mjk2NTU0LDM0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubnRkLmNvbS9jcml0aWNhbC1lbnRpdGllcy10YXJnZXRlZC1pbi1zdXNwZWN0ZWQtY2hpbmVzZS1jeWJlci1zcHlpbmdfNjI3ODk0Lmh0bWwiLG51bGwsW1s4LCJDMlF5ZEo1dlBvWSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.C2QydJ5vPoY.es5.O/am=wA/d=1/rs=AJlcJMxKuy2FXwuOG2GZCbidw-lVOyC_1A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c21bf6bde24d32b19560bd7f803f39c65d33b5d11a54c8fc52c695008c520417

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YScsP5HhUmdNbqyB15CNDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YScsP5HhUmdNbqyB15CNDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcKzq613HJnDi5dxHjAAUnVCq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 meter Show response
pwe.epochbase.com/api/flow/ 38 B
54 B 132ms
132ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/meter?uid=a1b06690-c597-11ee-8bda-bb83457eeaef&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&resetPeriod=1&resetUnit=days&countSamePage=false
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38

GET
H3 200 KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js Show response
www.google.com/js/bg/ Frame 4129 17 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&badge=bottomright&cb=eduoxz6nx506
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 04:46:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6842
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 04:46:57 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4129 2 KB
2 KB 20ms
18ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 133540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 12 Feb 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4129 15 KB
15 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 466538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4129 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:44:28 GMT
x-content-type-options: nosniff
age: 418686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 12:44:28 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4129 102 B
135 B 27ms
27ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjeuEZAAAAAPHmiF00RZ9larFD4UzrwR3kWC8x&co=aHR0cHM6Ly93d3cubnRkLmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&badge=bottomright&cb=eduoxz6nx506
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 09:02:34 GMT

POST
H2 200 / Show response
mixproxy.epoch.cloud/mixpanel/track/ 1 B
696 B 271ms
206ms XHR
application/json 2606:4700:3038::6815:ea44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mixproxy.epoch.cloud/mixpanel/track/?ip=1&_=1707296554412

Requested by

Host: pwe.epochbase.com
URL: https://pwe.epochbase.com/libs/mixpanel-2.48.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 36
alt-svc: h3=":443"; ma=86400
content-length: 1
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ntd.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3dz5zCqH%2FjFgZwG5HTRdR2KIvhk42TKRINKS2CEZWXTiPBQsEdmucHXY9W1l5gM8WrgmVyjlmq1rU7rhx%2BBO0uovzq1okJCUf0pSsYjgkTOwTLW5mG4F6Jr5waVlZG%2FKGjSOhrXbQCOS3dnQMQlYTUgdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 851a746989c265cc-FRA
access-control-allow-headers: X-Requested-With

POST
H3 200 meter Show response
pwe.epochbase.com/api/flow/ 0
13 B 141ms
141ms XHR
text/plain 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/flow/meter?uid=a1b06690-c597-11ee-8bda-bb83457eeaef&siteId=www.ntd.com&flowId=live-ntd&pageId=https:%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
via: 1.1 google
server: nginx/1.20.1
vary: Origin
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 105 KB
6 KB 80ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.C2QydJ5vPoY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzgffkJcizCmCQfGxxELphQRTDJrA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 09:02:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 09:02:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 466538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 23:26:56 GMT

GET
H/1.1 200
OK 11598227.jpeg
static7.mixi.media/img/400x300/ 44 KB
44 KB 105ms
47ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/11598227.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: ea4c0ba8c9a78ebc69e64cb4db72959cafb8a8f0925a12cf0d22bbc0c806e66d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Fri, 02 Feb 2024 08:57:16 GMT
Server: nginx
ETag: W/"65bcae6c-16b2c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 45132

GET
H/1.1 200
OK 10924735.jpeg
static7.mixi.media/img/400x300/ 48 KB
48 KB 103ms
46ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/10924735.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 529051b3ab6a814d42e2a290e8823318e60838e434165b7524ff03da146cb9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Fri, 14 Apr 2023 02:56:47 GMT
Server: nginx
ETag: W/"6438c0ef-1ccc5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 48933

GET
H/1.1 200
OK 11598199.jpeg
static1.mixi.media/img/400x300/ 77 KB
78 KB 105ms
48ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.mixi.media/img/400x300/11598199.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 2f12d5db3e69f5a905c29b39192d524bccf1fd507c4ca4ef499eb04fa5e3bb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Fri, 02 Feb 2024 08:46:22 GMT
Server: nginx
ETag: W/"65bcabde-d680"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 79310

GET
H/1.1 200
OK 11419831.jpeg
static7.mixi.media/img/400x300/ 69 KB
69 KB 100ms
44ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/11419831.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 526ee5f1d99dfb9690dab080a631b7860b4794f0b0e3b6ce38333d533bfa5d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Sat, 18 Nov 2023 08:55:36 GMT
Server: nginx
ETag: W/"65587c08-24005"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 70382

GET
H/1.1 200
OK 11598254.jpeg
static7.mixi.media/img/400x300/ 41 KB
41 KB 101ms
45ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static7.mixi.media/img/400x300/11598254.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 1d3cf6da2e9500478ea777930c0063b0be6456963313a7f5798d4e670ab75359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Fri, 02 Feb 2024 09:01:06 GMT
Server: nginx
ETag: W/"65bcaf52-372f0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 42067

GET
H/1.1 200
OK 11580740.jpeg
static6.mixi.media/img/400x300/ 62 KB
63 KB 98ms
43ms Image
image/jpeg 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static6.mixi.media/img/400x300/11580740.jpeg
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: fe42b20d8fb9877e0fff2aed972e9c1b61d848bee536e1da23ff014f54e83412

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Thu, 25 Jan 2024 19:54:10 GMT
Server: nginx
ETag: W/"65b2bc62-5550c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 63807

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:10:32 GMT
x-content-type-options: nosniff
age: 49922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:10:32 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 02:19:49 GMT
x-content-type-options: nosniff
age: 110565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:19:49 GMT

POST
H3 204 AGSKWxUGHtM4OrkYd68BIMF_WwRxaYC7cFl6_Ohv-3Sz8gaPCxOFfZ1aLRSzRZC3eUbWgM4nxqBjnvG3gUuML9EQ1_RsOoI1gGiFmTqdpU9z1MwhUb-DrqezwQrs7GeDYKJ-U07_cGV05Q== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 73ms
31ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGHtM4OrkYd68BIMF_WwRxaYC7cFl6_Ohv-3Sz8gaPCxOFfZ1aLRSzRZC3eUbWgM4nxqBjnvG3gUuML9EQ1_RsOoI1gGiFmTqdpU9z1MwhUb-DrqezwQrs7GeDYKJ-U07_cGV05Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WdFSwCn0coNRYTtWXEf68A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-WdFSwCn0coNRYTtWXEf68A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiHY1Vf7zo2gQ9TVm9hAgDFKh6j"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.ntd.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 us.gif
sync.go.sonobi.com/ 49 B
445 B 361ms
114ms Image
image/gif 2607:f350:3:2569:0:10:0:200d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BUID%5D

Requested by

Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:34 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-126
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 450 B
1 KB 223ms
57ms Script
application/javascript 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COeDAxj397eW2DE&cb=_callbacks____0lsbkacn3
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: 62dc7348fb09092f56f30d298749dd82ae997c3eb0776a3604b052c72b431cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:34 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:44:46 GMT
x-content-type-options: nosniff
age: 44268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 20:44:46 GMT

OPTIONS
H2 200 c
ea.epochbase.com/api2/pw/ Frame 0
0 112ms
112ms Preflight 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ntd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Content-Type,Authorization
access-control-allow-methods: GET, POST, PATCH, OPTIONS, PUT, DELETE
access-control-allow-origin: *
allow: GET, POST, OPTIONS, PUT, DELETE
cache-control: max-age=3600 public
content-length: 0
date: Wed, 07 Feb 2024 09:02:34 GMT
expires: Wed, 07 Feb 2024 10:02:34 GMT
pragma: public
server: nginx/1.20.1

GET
H3 200 template Show response
pwe.epochbase.com/api/ 4 KB
1 KB 132ms
131ms XHR
application/json 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/api/template?siteId=www.ntd.com&templateId=sign-in-combo&version=
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: d5fa5a1f4fb7b2ac5071a2f12b0d3615048df32a5686cc1d32610a79d5ff5a29

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.1
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.ntd.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 c Show response
ea.epochbase.com/api2/pw/ 0
309 B 912ms
912ms XHR
text/plain 4.7.168.74
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://ea.epochbase.com/api2/pw/c?tid=18YNVJRYGD&et=wi
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.7.168.74 Hazleton, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

pragma: public
date: Wed, 07 Feb 2024 09:02:35 GMT
server: nginx/1.20.1
allow: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.ntd.com
cache-control: max-age=3600, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
expires: Wed, 07 Feb 2024 10:02:35 GMT

GET
H3 200 react.production.min.js Show response
pwe.epochbase.com/libs/react@18.2.0/ 10 KB
4 KB 136ms
136ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/react@18.2.0/react.production.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 02 Dec 2023 22:34:10 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 10:02:34 GMT

GET
H3 200 react-dom.production.min.js Show response
pwe.epochbase.com/libs/react@18.2.0/ 129 KB
44 KB 135ms
135ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/react@18.2.0/react-dom.production.min.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 02 Dec 2023 22:34:44 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 10:02:34 GMT

GET
H3 200 signInCombo-2.1.umd.js Show response
pwe.epochbase.com/libs/ 259 KB
74 KB 133ms
133ms Script
text/javascript 34.110.129.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pwe.epochbase.com/libs/signInCombo-2.1.umd.js
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/_next/static/chunks/pages/_app-6edef8c4a05febf4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.110.129.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 224.129.110.34.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 011c3a8ee832e9fea76383ccc099abe947f335ae052375a4a1a8f6e4a6bcc798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 05 Feb 2024 23:08:20 GMT
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, public, no-transform
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 10:02:34 GMT

GET
H/1.1 200 /
mixi.media/cookiematching/ 43 B
883 B 114ms
113ms Image
image/gif 136.243.66.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mixi.media/cookiematching/?payload=CkQKB19zbV91aWQSJGVkZTllNzQzLTNjZjEtNGQ3YS04OTRhLWI0YzA5ZjQ0YmJmZBoLLm1peGkubWVkaWEiAS8ogOeEDwotCgdfc21fdWR0Eg0xNzA3Mjk2NTU0ODE2GgsubWl4aS5tZWRpYSIBLyiA54QPCkIKB19zbV9zaWQSJDcyMzU5ZmNlLTQzZmEtNGFlMC05NGQ0LTk3ODk2YWFkMWE5ZBoLLm1peGkubWVkaWEiAS8oiA4%3D&rnd=1707296554850
Requested by: Host: www.ntd.com
URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.66.182 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mixi.media
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Wed, 07 Feb 2024 09:02:34 GMT
Last-Modified: Wednesday, 07-Feb-2024 09:02:34 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 07 Feb 2024 09:02:34 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 178ms
62ms XHR
text/plain 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 07 Feb 2024 09:02:34 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 48 KB
15 KB 78ms
21ms Script
application/javascript 2600:9000:225e:9800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/5N0H11N/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 36b0f63a963e58ee8237eeaa107f684bf066da8642977f05565ef232b1437e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:13:08 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 49767
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 6KQBsWCRU_ENEi3j1TVaoqNlJfq6jvhzlvtJnvVyu7btkJdz4pfRsQ==

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 57ms
57ms XHR
text/plain 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.mixi.media
URL: https://stat.mixi.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ntd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 07 Feb 2024 09:02:35 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

/ Show response
a.clickcertain.com/px/
Redirect Chain

https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
https://a.clickcertain.com/px/smart/a/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095

5 KB
2 KB

156ms
155ms

Script
text/javascript

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d99fd5771d823561d9c1eed3616d152ea40756fa2eb6c4cd86eb2281f3481dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:35 GMT
content-encoding: br
x-frontend: cc-nginx-7596cb87dd-79r2p:cc-nginx-7596cb87dd-79r2p
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: f5c3b474-d83c-4c9b-ad95-e34a22a10edf
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h55PGaHgUr8MSpJN8TK%2B1qk3UzQPaMQazzEJKLGe26EWH8Ol%2BTXMMvCOQXF2Z3IhEAUhoqs5PVTGbhAqQpMCHNNzt%2FwbirBheCPjrfE0HU2WyrMPDiJA1rlXYK9UynOAaUVwtDFDik6mHqowZ9IvUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 851a74709a113635-FRA

Redirect headers

date: Wed, 07 Feb 2024 09:02:35 GMT
x-frontend: cc-nginx-7596cb87dd-rsll8:cc-nginx-7596cb87dd-rsll8
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=du7lql1%2ByVm%2FkDiR5p%2FXictz7qEM8B%2B7yd1HutTnwIxl5mAHVtqSpYvZVVwlLvhj5BH6piugmvCYAtpuYGnZn09fF5DSwKnLV7cQ1yp3NPbeEGF4kTDsf1%2B5DLjAMTT4a7y95jpcPf19BplMS%2FQ8cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=2455d1796b86efb&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
cf-ray: 851a746f98fc3635-FRA

GET
H2 200 ActaDeck-Medium.otf
cdn.epoch.cloud/assets/fonts/ 51 KB
51 KB 291ms
228ms Font
application/octet-stream 2606:4700:3038::6815:ea44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/ActaDeck-Medium.otf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:35 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Feb 2020 18:57:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e4d8523-ca40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoBw4b8M3c3occKB9UPTNFxLZfWKpYqUtRtLR4hIplnlV%2BG6x0brFNPeQ1f39L0x%2BRmqdIIQKaFNbunYgIKGnmhRc6QnTxVM4Lve69LIf95Z7ZXjNbbFt7b0zygq%2FrdamyNeW2mJmYd8YQQLDX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 851a746efbcd2c3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 51776

GET
H2 200 RingsideNarrow-Medium.otf
cdn.epoch.cloud/assets/fonts/ 123 KB
124 KB 196ms
133ms Font
application/octet-stream 2606:4700:3038::6815:ea44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.epoch.cloud/assets/fonts/RingsideNarrow-Medium.otf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55

Request headers

Referer: https://www.ntd.com/
Origin: https://www.ntd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:35 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Jun 2022 20:08:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "629fb029-1ed24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9Ya4vjrhoTuDVeTuhEx4mw3c69yULsK6WWFQLO3IkIEtEuhzRu8hJfsjcXAdwmoUyirsRjM8PA%2FkZmzv3BKsta9VvfLMESRGFG1tzrANIS1J8etms705Dj28%2FwJwK6ezfZgHBcZMl8gzfr%2BYA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 851a746efbce2c3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 126244

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1707296555315&se=e30&duid=33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93&tv=v2.13.0&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spyi...
https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93&cd=.ntd.com&dtstmp=1707296555315&tv=v2.13.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-tar...

13 B
318 B

537ms
120ms

XHR
application/json

18.214.207.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93&cd=.ntd.com&dtstmp=1707296555315&tv=v2.13.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEx
Protocol: H2
Server: 18.214.207.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-207-120.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ntd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:36 GMT
x-pixel-event-id: 63671f68-3f88-4533-a05e-529eb3abcb4e
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93&cd=.ntd.com&dtstmp=1707296555315&tv=v2.13.0&n3pc=true&wpn=lc-bundle&pu=https%3A%2F%2Fwww.ntd.com%2Fcritical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEx
access-control-allow-origin: https://www.ntd.com
date: Wed, 07 Feb 2024 09:02:35 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 / Show response
a.clickcertain.com/px/cont/ Frame 9E33 2 KB
1 KB 137ms
137ms Document
text/html 2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Requested by: Host: a.remarketstats.com
URL: https://a.remarketstats.com/px/smart/?c=2455d1796b86efb&seg=critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36dfe9020d8ca59d0862c9b8111eb0f9ca29fbec738d88c7ff5a459950972ae5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 851a74719b673635-FRA
content-encoding: br
content-type: text/html
date: Wed, 07 Feb 2024 09:02:35 GMT
etag: W/"ODNhOGU0NDBnMDAxNGc0ODc4ZzkwNDBnNGUxZjhiODkzOTA0LXow"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9ehDkHM70xQJO7j%2FOpTJTrTZrZCngx8%2FTSMn24Kf1Od70I96ks4CTPKmIcq4JHZKevZlMZrgs1BLxvRKdlRKI73m7fBiTL0jYaGGRfqBxc%2BeYUOlBDZfuCluYpDFWRo3bjLzddAmCaVCUrPVICnbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frontend: cc-nginx-7596cb87dd-rsll8:cc-nginx-7596cb87dd-rsll8
x-requestid: 4b88541f-c75b-4ac4-89ca-97430d99cb72

GET
H2

204

/
a.clickcertain.com/px/ta/ Frame 9E33
Redirect Chain

https://a.clickcertain.com/px/ta/?ccid=83a8e440-0014-4878-9040-4e1f8b893904
https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=83a8e440-0014-4878-9040-4e1f8b893904&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3318&partner_device_id=83a8e440-0014-4878-9040-4e1f8b893904&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26...
https://a.clickcertain.com/px/ta/?done=true&ta_id=19e1277a-3f7c-41ba-8044-a0e24bc0c9b0

0
515 B

142ms
142ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/ta/?done=true&ta_id=19e1277a-3f7c-41ba-8044-a0e24bc0c9b0
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:36 GMT
x-frontend: cc-nginx-7596cb87dd-rsll8:cc-nginx-7596cb87dd-rsll8
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: edc91850-177c-4177-9cce-57b102414541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZPJ5vPeyiJVsfljypbgl2wOCyPK%2Bvgg7TQONmACoZWT9LokDSwnNyMxpk45l2F0xMF4MhhrJTB%2BmDg6t4RzEGxfNDSsMTPR9qvh%2BbUNvb1TJGkZoiNVNmR72EhiDWJvQYrW6d%2BfF8uT5JCfqLDeww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 851a74743f103635-FRA

Redirect headers

date: Wed, 07 Feb 2024 09:02:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.clickcertain.com/px/ta/?done=true&ta_id=19e1277a-3f7c-41ba-8044-a0e24bc0c9b0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

/
a.clickcertain.com/px/t/ Frame 9E33
Redirect Chain

https://a.usbrowserspeed.com/cs?puid=071f8e66-8c00-5555-88bf-7ec66d7b9530&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d33fc63b9%2da7e0%2d49f9%2d9b01%2d1d8bbb97a09...
https://a.clickcertain.com/px/t/?done=true&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&uid=8b675dc8-cdc6-4730-95b1-161ab7e82211&hem=

0
332 B

143ms
143ms

Image
text/plain

2606:4700:20::681a:932
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.clickcertain.com/px/t/?done=true&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&uid=8b675dc8-cdc6-4730-95b1-161ab7e82211&hem=
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Protocol: H2
Server: 2606:4700:20::681a:932 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:36 GMT
x-frontend: cc-nginx-7596cb87dd-79r2p:cc-nginx-7596cb87dd-79r2p
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: b3f2bed9-fd1c-4978-a128-91a89297d8a0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pLSKsl%2FqyNPSDn1aeEJMGAZrs0%2FkGGaUc3tjJBZcnCWpmvA1goPcKmGKjSx7sswRQgDxgzDWEYfhLLb575jgje%2BN69dgQKoALi1eQTEkGHE63V59G23D8sA6ZBlieFCGvU9LnqN4KyPWFB4iYkgcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 851a747669bb3635-FRA

Redirect headers

location: https://a.clickcertain.com/px/t/?done=true&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&uid=8b675dc8-cdc6-4730-95b1-161ab7e82211&hem=
date: Wed, 07 Feb 2024 09:02:36 GMT
server: awselb/2.0
content-length: 164
content-type: text/html; charset=utf-8

GET
H2 200 ldc.js Show response
tag.trovo-tag.com/ Frame 9E33 1 KB
1 KB 141ms
34ms Script
application/javascript 2600:9000:2156:c200:e:291c:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456
Requested by: Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c200:e:291c:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:36 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache
content-length: 1164
x-amz-cf-id: fRs2TBgFJgwEjU5c7F6PluswqAKsNuJSQ63YVqe27YyvCjy0MSlQ7g==

GET
H/1.1

400
Bad Request

fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 9E33
Redirect Chain

https://match.prod.bidr.io/cookie-sync/fivebyfive
https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

27 B
27 B

44ms
44ms

Image
text/plain

52.48.107.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095

Protocol

HTTP/1.1

Server

52.48.107.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-107-219.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:36 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1
Date: Wed, 07 Feb 2024 09:02:36 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9E33
Redirect Chain

https://a.clickcertain.com/px/r/?ccid=83a8e440-0014-4878-9040-4e1f8b893904
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=83a8e440-0014-4878-9040-4e1f8b893904&ccid=83a8e440-0014-4878-9040-4e1f8b893904&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%25...
https://a.clickcertain.com/px/li/?ccid=83a8e440-0014-4878-9040-4e1f8b893904&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2...

170 B
409 B

85ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d83a8e440%2d0014%2d4878%2d9040%2d4e1f8b893904%26anx_uId%3d%24UID

Requested by

Host: a.clickcertain.com
URL: https://a.clickcertain.com/px/cont/?c=2455d1796b86efb&ccid=83a8e440-0014-4878-9040-4e1f8b893904&cn=DE&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a.clickcertain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 07 Feb 2024 09:02:36 GMT
x-frontend: cc-nginx-7596cb87dd-vg69t:cc-nginx-7596cb87dd-vg69t
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 3a968d6f-b51e-406a-864f-31477c8adaa2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq0S6GTBqEeYNi%2FrYx3HN2%2Bjibja4%2FLokdVYqGRPiPO5PxMm2n1NRY8i7GaqmD%2FOaUFaVRMczGO5BxkhNnlftW7U%2FpSnvHEFQ18mjAOknIiJRfawnuzM6PRjB0reZrlmyTVaC3WY%2BYb8iFAbZ9wMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_cm=1&google_sc=1&redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26ccid%3d83a8e440%2d0014%2d4878%2d9040%2d4e1f8b893904%26anx_uId%3d%24UID
cf-ray: 851a747649853635-FRA

GET
H2 204 /
onetag-sys.com/usync/ Frame 4DD6 0
0 20ms
19ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1707296554265

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 17F0 281 B
555 B 92ms
29ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Feb 2024 09:02:36 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 41C3 3 KB
2 KB 85ms
33ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 879
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 851a74771d1558f0-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 09:02:36 GMT
expires: Wed, 07 Feb 2024 13:02:36 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3CAF 52 KB
17 KB 92ms
23ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 07 Feb 2024 09:02:36 GMT
ETag: "623de86a-cf34"
Expires: Thu, 08 Feb 2024 09:02:38 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BB13 52 KB
17 KB 93ms
23ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 07 Feb 2024 09:02:36 GMT
ETag: "623de86a-cf34"
Expires: Thu, 08 Feb 2024 09:02:38 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame F0C0 0
0 19ms
18ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1707296554265

Requested by

Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame BCE6 3 KB
1 KB 84ms
35ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: i.ntd.com
URL: https://i.ntd.com/assets/themes/m-ntd/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.ntd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 879
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 851a74771d1858f0-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 09:02:36 GMT
expires: Wed, 07 Feb 2024 13:02:36 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 17F0 39 KB
11 KB 30ms
30ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 704736337e4fc877b25b5dd24b6efaccdeadf0f3730d3a01b40897f38b7f150e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2024 18:36:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=34396
Connection: keep-alive
Content-Length: 10921
Expires: Wed, 07 Feb 2024 18:35:52 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 3CAF
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
971 B

29ms
29ms

Script
text/html

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:36 GMT
an-x-request-uuid: 70b2b83e-d944-48f5-b787-d0ce0b82bdfd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:36 GMT
an-x-request-uuid: 03ae5758-c9e0-4a7d-a77c-b80f00dcbedf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.24; 217.114.218.24; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame BB13
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
970 B

36ms
36ms

Script
text/html

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:36 GMT
an-x-request-uuid: 2b1df584-a60e-49ca-a2e1-b3895d9c6a05
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.24; 217.114.218.24; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:02:36 GMT
an-x-request-uuid: 16db5fde-3a9f-4f4e-9bd3-bf53965a45b6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.24; 217.114.218.24; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 193f0456 Show response
tag.trovo-tag.com/ Frame 973F 738 B
994 B 35ms
34ms Document
text/html 2600:9000:2156:c200:e:291c:8fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2455d1796b86efb%26ccid%3D83a8e440-0014-4878-9040-4e1f8b893904%26cn%3DDE%26rid%3D33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&ref=&v=js-0.1.0&aid=193f0456&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c200:e:291c:8fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c3e44bb37df5198c8881cbd540176dd73336cb7178b11e6005aa59d6f188cb1b

Request headers

Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 738
content-type: text/html
date: Wed, 07 Feb 2024 09:02:36 GMT
server: CloudFront
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-id: ixtC4MjAUFsfJTkcAHzThVhZVgAi-NNGKIarFc3M0NOi1DXe9YboZQ==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront

GET
H2 200 /
a.remarketstats.com/px/smart/ Frame 973F 840 B
840 B 123ms
122ms Image
text/javascript 2606:4700:20::681a:27a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2455d1796b86efb%26ccid%3D83a8e440-0014-4878-9040-4e1f8b893904%26cn%3DDE%26rid%3D33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&ref=&v=js-0.1.0&aid=193f0456&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:27a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:36 GMT
content-encoding: br
x-frontend: cc-nginx-7596cb87dd-79r2p:cc-nginx-7596cb87dd-79r2p
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 30d3aa84-7023-4c41-b358-6184ecf88dc5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waOAYlEEIf7RV84hpF5U1Y9gIJA3O2aPbcfXJeIo477IuxL0DKa0XqYMbtnUgkoe01p8ElcWcNzGpInP6F3%2Fipg7EYOR9ZTd%2BdZ19Xe9qU0HATacB%2FA5vqiYDtlvX15J7udDVYmFVOXCcVTd9U5nDXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 851a7477e9ac39d9-FRA

GET
H2 204 lds
a.usbrowserspeed.com/ Frame 973F 0
147 B 276ms
276ms Image
text/plain 52.88.227.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.usbrowserspeed.com/lds?aid=193f0456&pid=193f0456&external_id=&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&v=js-0.1.0&rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2455d1796b86efb%26ccid%3D83a8e440-0014-4878-9040-4e1f8b893904%26cn%3DDE%26rid%3D33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&ref=
Requested by: Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2455d1796b86efb%26ccid%3D83a8e440-0014-4878-9040-4e1f8b893904%26cn%3DDE%26rid%3D33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&ref=&v=js-0.1.0&aid=193f0456&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.88.227.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-88-227-35.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:02:36 GMT
server: awselb/2.0

GET
H/1.1 400
Bad Request fivebyfive
match.prod.bidr.io/cookie-sync/ Frame 973F 27 B
27 B 44ms
44ms Image
text/plain 52.48.107.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/fivebyfive

Requested by

Host: tag.trovo-tag.com
URL: https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2455d1796b86efb%26ccid%3D83a8e440-0014-4878-9040-4e1f8b893904%26cn%3DDE%26rid%3D33fc63b9-a7e0-49f9-9b01-1d8bbb97a095&ref=&v=js-0.1.0&aid=193f0456&rid=33fc63b9-a7e0-49f9-9b01-1d8bbb97a095

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.107.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-107-219.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.trovo-tag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 09:02:36 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 27
content-type: text/plain

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 17F0 7 B
380 B 81ms
19ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 0c26bf0e0878be6b26493f33577d6373
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: https
URL: https://https//i.ntd.com/assets/uploads/2021/06/Pulse-Secure-smartphone-app-1200x761.jpg

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Domain: prebid.adnxs.com
URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 03:50:56	Name: lidid Value: 73310f41-0822-4f29-b3bb-d982347626dc
i.liadm.com/s	1970-01-20 18:58:08	Name: _li_ss Value: CgA
tnews.to/	1970-01-20 18:58:08	Name: prli_click_3555 Value: china-cyber-spying-us
tnews.to/	1970-01-21 03:00:32	Name: prli_visitor Value: 65c34727e628f
.ntd.com/	1970-01-21 03:50:56	Name: pw_cid Value: a1b06690-c597-11ee-8bda-bb83457eeaef
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _B3UDIPay0g
.youtube.com/	1970-01-20 22:34:08	Name: VISITOR_INFO1_LIVE Value: 9Nm_QNcsan4
.ntd.com/	1970-01-21 03:50:56	Name: _ga_2BRDBGYLL0 Value: GS1.1.1707296554.1.0.1707296554.60.0.0
.ntd.com/	1970-01-21 03:50:56	Name: _ga Value: GA1.1.890314820.1707296554
.adnxs.com/	1970-01-21 03:50:56	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 03:00:32	Name: khaos Value: LSBKACDL-C-19AB
.rubiconproject.com/	1970-01-21 03:00:32	Name: audit Value: 1\|naVuGyos1qo/KpsvNL5alLU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+0qc2IU2I2v93OnsRse95/Ojkrb82NJt2nRBUi+XdzHw6N2KapppFlq+xUA9sgf/4bKpUjWTmmg0
.ntd.com/	1970-01-21 03:00:32	Name: mp_lib Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d82cdfda9c62-057908cf21e6f2-65335652-1d4c00-18d82cdfda9c62%22%2C%22%24device_id%22%3A%20%2218d82cdfda9c62-057908cf21e6f2-65335652-1d4c00-18d82cdfda9c62%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.mixi.media/	1970-01-20 20:38:56	Name: nid Value: ads5-3sselp11
.stat.media/	1970-01-21 03:00:32	Name: _sm_uid Value: ede9e743-3cf1-4d7a-894a-b4c09f44bbfd
.stat.media/	1970-01-21 03:00:32	Name: _sm_udt Value: 1707296554816
.stat.media/	1970-01-20 18:14:58	Name: _sm_sid Value: 72359fce-43fa-4ae0-94d4-97896aad1a9d
.stat.media/	1970-01-20 18:58:08	Name: _sm_cm Value: 32
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86126\|ZcNHL
.mixi.media/	1970-01-21 03:00:32	Name: _sm_uid Value: ede9e743-3cf1-4d7a-894a-b4c09f44bbfd
.mixi.media/	1970-01-21 03:00:32	Name: _sm_udt Value: 1707296554816
.mixi.media/	1970-01-20 18:14:58	Name: _sm_sid Value: 72359fce-43fa-4ae0-94d4-97896aad1a9d
www.ntd.com/	1970-01-20 22:34:08	Name: _geuid Value: 71c78108-3c03-4d14-831f-606510e916a4
www.ntd.com/	1970-01-20 22:34:08	Name: _geps Value: true
.ntd.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .ntd.com
.ntd.com/	1970-01-21 03:50:56	Name: _lc2_fpi Value: 33df6995a8cd--01hp1cw05s2ge4v3nefzrtfd93
.ntd.com/	1970-01-21 03:50:56	Name: _lc2_fpi_meta Value: {%22w%22:1707296555193}
a.clickcertain.com/	1970-01-21 03:00:32	Name: _ccpx_u Value: 83a8e440%2d0014%2d4878%2d9040%2d4e1f8b893904
.liadm.com/	1970-01-21 03:50:56	Name: lidid Value: 73310f41-0822-4f29-b3bb-d982347626dc
a.clickcertain.com/	1970-01-21 03:00:32	Name: _ccpx Value: 2455d1796b86efb
a.clickcertain.com/	1970-01-21 03:00:32	Name: _ccpx_2455d1796b86efb Value: 1
.bidr.io/	1970-01-21 03:43:26	Name: bito Value: AAEgMU7Lho4AABRwZVY0Aw
.bidr.io/	1970-01-21 03:43:26	Name: bitoIsSecure Value: ok
.tapad.com/	1970-01-20 19:41:20	Name: TapAd_TS Value: 1707296556133
.tapad.com/	1970-01-20 19:41:20	Name: TapAd_DID Value: 19e1277a-3f7c-41ba-8044-a0e24bc0c9b0
.tapad.com/	1970-01-20 19:41:20	Name: TapAd_3WAY_SYNCS Value:
.a.usbrowserspeed.com/	1970-01-21 03:00:32	Name: tuid Value: 8b675dc8-cdc6-4730-95b1-161ab7e82211
.adnxs.com/	1970-01-20 20:24:32	Name: XANDR_PANID Value: Pcgeml-kwtB4xBCXpekE4QCpoaJTbqNZMKcHyG9vmQvtU63yaYnn1_T2tHSNusj2LR5oNWTw9j98TQ9QemTz9qHr2VjwzWC8lgFAeLZmIHE.
.adnxs.com/	1970-01-20 20:24:32	Name: uuid2 Value: 3445297941612987312

105 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://https//i.ntd.com/assets/uploads/2021/06/Pulse-Secure-smartphone-app-1200x761.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Access to XMLHttpRequest at 'https://prebid.adnxs.com/pbs/v1/openrtb2/auction' from origin 'https://www.ntd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://match.prod.bidr.io/cookie-sync/fivebyfive Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ntd.com/critical-entities-targeted-in-suspected-chinese-cyber-spying_627894.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
aax.amazon-adsystem.com
acdn.adnxs.com
b-code.liadm.com
c.amazon-adsystem.com
cdn.epoch.cloud
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
ea.epochbase.com
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
htlb.casalemedia.com
https
i.liadm.com
i.ntd.com
ib.adnxs.com
js-sec.indexww.com
match.prod.bidr.io
mixi.media
mixproxy.epoch.cloud
onetag-sys.com
pixel.tapad.com
prebid-match.dotomi.com
prebid.adnxs.com
pwe.epochbase.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s3-us-west-2.amazonaws.com
sc.youmaker.com
securepubads.g.doubleclick.net
stat.media
stat.mixi.media
static.mixi.media
static1.mixi.media
static6.mixi.media
static7.mixi.media
stats.g.doubleclick.net
subs.epochbase.com
sync.go.sonobi.com
tag.trovo-tag.com
tnews.to
token.rubiconproject.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ntd.com
www.youtube.com
https
prebid.adnxs.com
104.18.36.155
108.138.6.136
136.243.66.182
142.250.184.226
172.64.149.180
18.214.207.120
18.245.47.29
185.89.208.11
185.89.210.122
2.19.11.183
2001:4860:4802:34::36
23.32.184.180
2600:1f18:730:b130:4cec:7307:b1fe:db9b
2600:9000:2156:c200:e:291c:8fc0:93a1
2600:9000:225e:9800:8:8845:1500:93a1
2602:803:c003:200::31
2606:4700:20::681a:27a
2606:4700:20::681a:932
2606:4700:3034::ac43:c7b9
2606:4700:3038::6815:ea44
2606:4700::6812:181e
2607:f350:3:2569:0:10:0:200d
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:fa8:8806:20::2040
3.219.136.225
34.107.251.162
34.110.129.224
34.111.113.62
34.120.97.157
34.225.106.11
4.7.168.74
51.89.9.251
52.48.107.219
52.88.227.35
52.92.202.56
69.173.144.165
82.148.14.195
95.101.149.233
99.86.4.39
007ad0e05b52ceb6b842c38f085d0d6c6e88dc59a8553c97e9a33c8d598e167d
011c3a8ee832e9fea76383ccc099abe947f335ae052375a4a1a8f6e4a6bcc798
02e05d8407482aee2dae0ae4343ecb2e6c2b1f27c2175c4b03170d3f2af51b55
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
090fb501b84c5da363abe0cfe62afd06cc3a2e7c921c21205e557ba0500a6c17
0936c5c9a81e22635143fda4ba88273a67759ee800878b2ba8ce42f9c381f62e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
15d7e2580a3e5388862adedd5309ae8bc6fe35601a9eabf1f71f834d0eb4f80d
163cb5d5188442a3dc0cc458a58b06a08e498eea3ae25e310c473cdaae977f39
1744de03c297908b7c72489f535271d32f6268760dd7e7e5eb4782a93bc8f825
175136d89325e246eec63851015f112bb4722ed027169bc6a493e86966aca5c1
1a142191bcbf06864135111a9e41910aa1d6d57835727db059cb4707bc0cda18
1a69d8074ff42af97336fe5fc0e8a84758430d00e620f40670138ebba978e78b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d3cf6da2e9500478ea777930c0063b0be6456963313a7f5798d4e670ab75359
203e0f4dcfd2bed10b75a8fd250568838f01d4fd3363279741962d77675af937
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
23210920e1a9ec06a14f2b84e4ff04ca34844cf767d7d0d195145ed2a953ed92
247914240735efa67b4199f728c096b8683f84fcbad7946b88984a3877240c01
25a9a6f6fd8f857aa0d76b0ae707a2d8edb43fb395961338716404d6170f11b0
276a9af4af37744d109d1564017c890bbc4f804ccc81bd77afe0cf624f2901f4
276af2b9ae1b1daae8bcd2166ed84ad35f28c870cc050e31afa80b309c0faf50
280c077b7b1d63c4191f0d19467acc7dba6f60c0e709f912fcc9b59b10f67938
28ee9be11b0706589bc08ded04ee90229d7451a6b823dbe533dfc4f9530fdd2c
2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919
2ca221e7c14fc690e92a280f5d48b95ea31c5eedfb191fcda5cb559a2cad7744
2d99fd5771d823561d9c1eed3616d152ea40756fa2eb6c4cd86eb2281f3481dc
2f12d5db3e69f5a905c29b39192d524bccf1fd507c4ca4ef499eb04fa5e3bb45
300f54467e5fca52edc4a03ba0b3c1f61d8a6c3386471a475952574c21edda6a
36b0f63a963e58ee8237eeaa107f684bf066da8642977f05565ef232b1437e0a
36dfe9020d8ca59d0862c9b8111eb0f9ca29fbec738d88c7ff5a459950972ae5
37ee0c06cd59b07850ee525798826ae40416b996877bc1a6cb1720a8730b5096
390530efed34e97403e825e9e8b0029515dba72de78419091b616c76befdb700
3ae28b89ed960eddf42f0f3b3b385316516261f125d7cf72bc017f1de285ad80
3bed34862194969206abb50c773289cfa769f3e34f4a96e6d2c1291b5e87d58b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de523e97a88472a3647697b04dc64876c12b073e3a0f281ab7f42cdc7d3a8f7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec251d05abab8e5f107b3bdda10a535e84ff677ccc282d9d61f0335fc01268f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d
443a55fa2af8e7cccd2fb6e1e9a2ab834d7ed770741cd2ef62a41baa08f4d9a4
44fb32e9fdb8cb192f8a0234b42ba9736f372098edf7b65b59b2e46222b0adf1
4544257c14ecf2d28f2162c38798bc7e4fd73d59b7aefc8beccdebfbf5676c25
46bb48b07c4889dd66816975b21842973900a4d9efc848c98d55622d797686e2
46ce58fe5c3f26bc8d99bde76c9b990cf14c34b5e93b53044d52f1abc0d86cfe
48c675529d813e074e45b83d5d12dde2bf726bb6b31ee8227dbfcf946e05af5c
4a6fff8e4746724d6b7a0cadd7b189300165a442228b58f2a9c30ab1fedbbc1b
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
526ee5f1d99dfb9690dab080a631b7860b4794f0b0e3b6ce38333d533bfa5d96
529051b3ab6a814d42e2a290e8823318e60838e434165b7524ff03da146cb9a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5acf6f0340266263b19e65e650548a5c5fe1e20dbb82e9eceeca1da11e7f681d
5add86d0621ee43748eab7622c3a87b73da0c4009ec621795f9fb28b9be76562
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
60f144249af8ea4133d488adbe4aee126575141b21e63c5ee5242a5a19c1855b
624f897565301dfadf2dc5f82b316a38978803afddd43192f77249eec041d13d
62acefec08a6c5db3e31bc9000fdac4843acf30c3dad1b9b5f17c13fbaefd38a
62dc7348fb09092f56f30d298749dd82ae997c3eb0776a3604b052c72b431cfc
641d72ddefb953f6ac870a992be6a9d7cb1154a3b77a666fb6cb253ec7e52e03
648714169a4704f5a776742a1bab68fc0ec75c1259bc96010cbbbbda261f2a58
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6800eb63dc978c9903864b28a08ed4f6b533bdb842ac6622a07c311e47a0a298
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
704736337e4fc877b25b5dd24b6efaccdeadf0f3730d3a01b40897f38b7f150e
71a05dadb62a7a68a46b74551d7e8ff9020d593dfd0a3a1f5066d26f827fdcc6
733280112269b0203940d0f0432c1a743acdc5069e4ad2abefba214daf961ef4
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
772d800fd82fc19f4ac32c5771511d1246294fc0b8b5a8fdfaf8e538d3ffe180
7745e700cc600e8ad111cc9d752e7e5d888201979efeaba26155a49cb5865826
780a0e8440d24f4505731e17905d4b31f0f2008a36c081fc02877cd8afc90a13
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7ba241a9f560ed19ea6cf9b763bd7c1a2120d7b13f0387f758f96138d19e7942
7f81fc2f3cc04c1f965f2683dc2b369bd4ebbc18b454196d101f74f69efe3433
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
86587e974d57e7489b5d60f8b446f48aa89bfedf7be4d003204256c1ca3cc9fe
867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c497f68641e8abd81d72b3b6bae5b3e3ca4f92c3e95cf9169c4de2477f8a7bf
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9179d1ad2f7a8d7cae03165f76a80f6145cbf9b2250ac368b4ea52fed2d6ced3
928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a
92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d
92afa134a96be4e90c9cd070737d84092d67f1340152a9c80ee4ee505ba968c5
952ed5d34d71ad32b79b34e662884688dafff050260234610cfae209338a0c9a
95592d82a95024026b81d400ce04a7e9e52eaecae3ebd7fbfde51a8820d9595e
95c19d24ecaae581c3b73f7b05a6e7216eff031a30d6d3dc8b1ddfb79464f7ef
97b26e91db72b10e88ce8f58cdbdc74e1d0cacad506420b780cc149f16f9e30d
98dde6fd7859800b0babdf97b77352053b9e180595d2f2dd57ab6d3be2669354
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e33b98871ae098fb62dd6f123409a67fad6a3d0e8e22120a7d9b9188814b11a
a28855ba32c69182bba018fec0bc991f4ec03d23ac9a86045e4bf9625d48edfb
a6de355eccfa973ac4534a3907eab52b0404a94f4b232997fe48df199a511461
ac258c98e013761a8c4349239378c9c660fedcdd3cfe3c44c25be5d374097a6f
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
aeb31f1ee02675acb9388db1392b3cf1fa9e47d53ebeef47b9020b65bc981e58
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3b8631cb468badc4012a399bf6d49bc2f4fc4f2ccef578a830234eb6b168da1
b48c9bae88b131f13bfc887d29eab2624cbc76b9f52ee4dbfa526bdea4f3ca3a
b8225891a94cec1801274892d5f2be5348d73e48a04101e3fc2e39fe891f14ec
b8b6528bc2a63e986a842311ca6971aac53d77331c25d16a03e9e45de5bccf8f
bcf54544f62d9d0e97b9b8a26d424db4f4b98fc4850307978e152990912b1ba0
c21bf6bde24d32b19560bd7f803f39c65d33b5d11a54c8fc52c695008c520417
c329933b45a665763f3fb0e24e79c2b08b99721c103788d5da7f80e57c2b3f87
c3e44bb37df5198c8881cbd540176dd73336cb7178b11e6005aa59d6f188cb1b
c6fddd8301d32165dd2a28e977c349c59d648dafce7ead0b52743e735a3cd054
c86b556ac2f34973af6a37e88359b5e7256c2020623aba8fc139b48b621279b5
c9b0f6d91064bc1a5064e0fbbcabb1eb848065c90f10ab34b69ccd85aede8fde
ca2c578b9f6aa5bcb02341841582290fecaf3c6e784edc7f93f470035adccdd1
d2951eafa26a407dcfe41882deeb7b680df8505f384bbabbe2197446e90d3958
d38468263d67fc86718b19ea5585ad67b413fc85ce55c82bec81f159923c830d
d52da8a6f310751e4cf39f7f7f8b17dc40189460925bc2257ca1a6473314d34f
d531fa8daaca8f5072568bf15fec5c140428fec7078d1cb5d4110c06d44eea1e
d5fa5a1f4fb7b2ac5071a2f12b0d3615048df32a5686cc1d32610a79d5ff5a29
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a0107d9b73aca4549294993dde09523f98df2c6b05e8bf6edc7db8219ba094
e9d3d7e6cb9ff6ef4db59515e3f42573f7be7106a6b84e226da79f4413224d78
ea4c0ba8c9a78ebc69e64cb4db72959cafb8a8f0925a12cf0d22bbc0c806e66d
eea1400623ee89c9527e94d9e814f2df0cbc500f1c45dc1d3945ec7bf25cd21a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f185d5e1f3ff326d44c1783d5761c23581a6e541c33a28115b266fc2aa4ebd8a
f1cab7d3a4debf5f3e753decc503caf91915c3880b21404f5be461dc61b7bc23
f65f7f1257f3c6c35f32ce68fe9fdb69a317c08a735fa2647940b31c3e80aba8
f90338473cb76d2ea048cf525b2b2b42208ac2d559ec801976e3e002747eb5fc
fac2c480b9391a7217a606eb23d7d6b6d5794d4041c622b209287dc634ae64b5
fb2ca5c959e60b125bc07e2f962d60dafea7cfb55b9193d33f4879501db7a21d
fe42b20d8fb9877e0fff2aed972e9c1b61d848bee536e1da23ff014f54e83412
ff1577841f8db0bb2b09938df71728b5b1fbbefe089ef0b7a81d392a906e956f

www.ntd.com Open in urlscan Pro 2606:4700::6812:181e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

93 %HTTPS

46 %IPv6

33 Domains

56 Subdomains

45 IPs

9 Countries

3848 kBTransfer

8414 kBSize

39 Cookies

9 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ntd.com Open in urlscan Pro
2606:4700::6812:181e Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

93 %
HTTPS

46 %
IPv6

33
Domains

56
Subdomains

45
IPs

9
Countries

3848 kB
Transfer

8414 kB
Size

39
Cookies

163 HTTP transactions
6 data transactions