www.ntd.com Open in urlscan Pro
151.139.128.11  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

• https://www.google-analytics.com/r/collect?v=1&_v=j82&a=89527075&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=428002467&gjid=1122347964&cid=1571154102.1589190202&tid=UA-128455718-1&_gid=1232829682.1589190202&_r=1&cd28=%3BHome%3B&cd43=home&z=1637691210 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_gid=1232829682.1589190202&gjid=1122347964&_v=j82&z=1637691210 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_v=j82&z=1637691210 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_v=j82&z=1637691210&slf_rd=1&random=1584178407

Request Chain 48

• https://js.spotx.tv/directsdk/v1/232511.js HTTP 307
• https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js

Request Chain 50

• https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1589190201904&ns_c=UTF-8&cv=3.5&c8=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&c7=https%3A%2F%2Fwww.ntd.com%2F&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1589190201904&ns_c=UTF-8&cv=3.5&c8=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&c7=https%3A%2F%2Fwww.ntd.com%2F&c9=

Request Chain 59

• https://sync.search.spotxchange.com/partner?source=dados HTTP 302
• https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=da4ea81d-936b-11ea-9188-13b80d861d06

Request Chain 91

• https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736; HTTP 302
• https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736 HTTP 302
• https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adaf0d852-936b-11ea-b0c2-1237df373440;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736

Request Chain 103

• https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749; HTTP 302
• https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749 HTTP 302
• https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adae8c928-936b-11ea-b319-120d915f11b6;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749

Request Chain 107

• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv HTTP 302
• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t

Request Chain 132

• https://u.openx.net/w/1.0/pd HTTP 302
• https://u.openx.net/w/1.0/pd?cc=1

Request Chain 137

• https://u.openx.net/w/1.0/pd HTTP 302
• https://u.openx.net/w/1.0/pd?cc=1

Request Chain 140

• https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
• https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440 HTTP 302
• https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440&verify=true HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/adtech/1Adaf0d852-936b-11ea-b0c2-1237df373440?gdpr=1&gdpr_consent= HTTP 302
• https://pixel.advertising.com/ups/56465/sync?uid=y-1R6pg3h1lxlOtKG58k6fC4cvj0PZ4LfolkXT&_origin=0&nsync=0 HTTP 302
• https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-1R6pg3h1lxlOtKG58k6fC4cvj0PZ4LfolkXT&_origin=0&nsync=0&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440

Request Chain 141

• https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=fwMqWnsDewdnUC4FcgNlVHoCfVpnBS1XfQAsB1qc HTTP 302
• https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=fwMqWnsDewdnUC4FcgNlVHoCfVpnBS1XfQAsB1qc&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ntd.com/	107 KB 20 KB	505ms 464ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 48585eb030bb681a2750e5659a37a59f05eed9d3645bcc05c4a1bcf5888aad30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.ntd.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Mon, 11 May 2020 09:43:20 GMT accept-ranges bytes cache-control max-age=108 content-encoding gzip content-length 20161 content-type text/html; charset=UTF-8 x-hw 1589190199.cds043.pa1.hn,1589190199.cds038.pa1.sc,1589190199.dop118.sj3.r,1589190199.cds119.sj3.c,1589190200.cds038.pa1.p server nginx/1.12.2 x-content-type-options nosniff x-xss-protection 1; mode=block x-device desktop x-cache-status MISS
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	101 KB 26 KB	40ms 22ms	Script application/javascript	13.225.86.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-86-250.fra2.r.cloudfront.net Software Server / Resource Hash 0875862efc0b3318a2104d27726d71f6f61d95a6e04ef6becb2793e66b2bc27a Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 10 May 2020 19:07:34 GMT content-encoding gzip server Server age 52545 etag ad48a5f558eb50f381edaa87211f6c91 x-cache Hit from cloudfront content-type application/javascript status 200 cache-control public, max-age=86400 x-amz-cf-pop FRA2-C2 accept-ranges bytes timing-allow-origin * x-amz-cf-id EZQXqf1dVRwzkB6-vzdFx_ylUUemU_hgij-UamoNQlHBOFI2bREpmg== via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
GET H2	200	prebid.js Show response www.ntd.com/assets/themes/m-ntd/js/ads/	242 KB 91 KB	457ms 455ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 1e15a553418c91bb9ec37ee13b612f32900a2caed8ce02c05b1fb20d0adb9954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 04 Feb 2020 23:55:53 GMT server nginx/1.12.2 x-microcachable 0 etag "5e3a047e-3c62c" x-hw 1589190200.cds043.pa1.hn,1589190200.cds045.pa1.sc,1589190200.dop008.sj3.r,1589190200.cds113.sj3.sc,1589190200.cds113.sj3.pr,1589190200.cds045.pa1.pr content-type application/javascript; charset=utf-8 status 200 cache-control max-age=1800 content-length 92905 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	style.css www.ntd.com/assets/themes/ntd/	2 KB 1 KB	470ms 469ms	Stylesheet text/css	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/style.css?ver=20180618 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 10575932a0b71db2fa6cc43a50ca648bb53b90487fbb1445e535b90fa159f260 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-6aa" x-hw 1589190200.cds043.pa1.hn,1589190200.cds009.pa1.sc,1589190200.dop021.sj3.r,1589190200.cds101.sj3.sc,1589190200.cds101.sj3.pr,1589190200.cds009.pa1.pr content-type text/css status 200 cache-control max-age=1800 content-length 859 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	global.css www.ntd.com/assets/themes/ntd/css/	11 KB 3 KB	864ms 863ms	Stylesheet text/css	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20180618 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 960cadb52c2c9f1692cf3b8b627461f614eacb571905c317dd2b7b8690530e6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 31 Jan 2020 17:05:12 GMT server nginx/1.12.2 x-microcachable 0 etag "5e345e3f-2bf2" x-hw 1589190200.cds043.pa1.hn,1589190200.cds011.pa1.sc,1589190200.dop104.sj3.r,1589190201.cds028.sj3.sc,1589190201.cds028.sj3.pr,1589190201.cds011.pa1.pr content-type text/css status 200 cache-control max-age=1800 content-length 2916 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	genericons.css www.ntd.com/assets/themes/ntd/css/genericons/	39 KB 25 KB	468ms 467ms	Stylesheet text/css	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/css/genericons/genericons.css?ver=20171027 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 30bd6098581fbccba074c2add1a6ed20a48e00504e2594f47c5c40ad1bb2d196 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Apr 2019 20:34:11 GMT server nginx/1.12.2 x-microcachable 0 etag "5cb63c2c-9d11" x-hw 1589190200.cds043.pa1.hn,1589190200.cds002.pa1.sc,1589190200.dop089.sj3.r,1589190200.cds056.sj3.sc,1589190200.cds056.sj3.pr,1589190200.cds002.pa1.pr content-type text/css status 200 cache-control max-age=1800 content-length 25573 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	front-page.css www.ntd.com/assets/themes/ntd/css/	20 KB 5 KB	1377ms 1376ms	Stylesheet text/css	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/css/front-page.css?ver=20200507 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 2cd206563add81d0c6b8fb53b3b94c4356380b2d864ae37d7d187231282e3f63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 07 May 2020 14:51:35 GMT server nginx/1.12.2 x-microcachable 0 etag W/"5eb42077-4e2a" x-hw 1589190200.cds043.pa1.hn,1589190201.cds017.pa1.sc,1589190201.dop031.sj3.r,1589190201.cds059.sj3.c,1589190201.cds017.pa1.pr content-type text/css status 200 cache-control max-age=1800 content-length 4877 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	slick.css www.ntd.com/assets/themes/ntd/css/	2 KB 759 B	598ms 597ms	Stylesheet text/css	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/css/slick.css?ver=20160303 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 5f2c630eac683a05568f1ee415d990cc19cab5335b20d43dc89a808cc6a2b18d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:14 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-69d" x-hw 1589190200.cds043.pa1.hn,1589190200.cds028.pa1.sc,1589190200.dop088.sj3.r,1589190200.cds028.sj3.sc,1589190200.cds028.sj3.pr,1589190200.cds028.pa1.pr content-type text/css status 200 cache-control max-age=1800 content-length 569 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	ntd_show_menu_ntd_evening_news.jpg www.ntd.com/assets/themes/ntd/images/shows/	26 KB 26 KB	459ms 453ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_ntd_evening_news.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 972b15b841172b74c3f4c164f912ef352106b1b407b4408cbc9dac08ff10947b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sat, 22 Jun 2019 13:47:07 GMT server nginx/1.12.2 x-microcachable 0 etag "5d0e3148-68b8" x-hw 1589190201.cds043.pa1.hn,1589190201.cds046.pa1.sc,1589190201.dop091.sj3.r,1589190201.cds099.sj3.sc,1589190201.cds099.sj3.pr,1589190202.cds046.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 26808 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	ntd_show_menu_china_in_focus.jpg www.ntd.com/assets/themes/ntd/images/shows/	23 KB 23 KB	464ms 458ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_china_in_focus.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 1add85f6e4edc1911d0694ce93c1597bcbfb9722f3aa4188ff15a87b76d19252 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Tue, 25 Feb 2020 15:11:59 GMT server nginx/1.12.2 x-microcachable 0 etag "5e553932-5be0" x-hw 1589190201.cds043.pa1.hn,1589190201.cds045.pa1.sc,1589190201.dop030.sj3.r,1589190201.cds063.sj3.sc,1589190201.cds063.sj3.pr,1589190202.cds045.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 23520 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	ntd_show_menu_zooming_in.jpg www.ntd.com/assets/themes/ntd/images/shows/	15 KB 15 KB	695ms 689ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_zooming_in.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 7cdaf8f478d25251fad3edc8e986af1ec338dce6176f2b4158c2eb87286a8d71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 etag "5c8a6be0-3c5d" x-hw 1589190201.cds043.pa1.hn,1589190201.cds005.pa1.sc,1589190202.dop018.sj3.r,1589190202.cds049.sj3.sc,1589190202.cds049.sj3.pr,1589190202.cds005.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 15453 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	ntd_show_menu_china_uncensored.jpg www.ntd.com/assets/themes/ntd/images/shows/	20 KB 20 KB	461ms 456ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_china_uncensored.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 9c14cdab1260c8377dfc355aad2327a61280f2def4cca49c97599ea949abbd8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 etag "5c8a6be0-4ffa" x-hw 1589190201.cds043.pa1.hn,1589190201.cds044.pa1.sc,1589190201.dop088.sj3.r,1589190201.cds052.sj3.sc,1589190201.cds052.sj3.pr,1589190202.cds044.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 20474 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	ntd_show_menu_legends_unfolding.jpg www.ntd.com/assets/themes/ntd/images/shows/	39 KB 39 KB	1294ms 1288ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_legends_unfolding.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash aad0d028bb6d1a8812708f103d9afa187babfd87ecb0156ad5ff5766de36b7b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 etag "5c8a6be0-9c76" x-hw 1589190201.cds043.pa1.hn,1589190201.cds035.pa1.sc,1589190201.dop120.sj3.r,1589190202.cds123.sj3.sc,1589190202.cds123.sj3.pr,1589190202.cds035.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 40054 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	ntd_show_menu_what-defines-you.jpg www.ntd.com/assets/themes/ntd/images/shows/	27 KB 27 KB	477ms 471ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/shows/ntd_show_menu_what-defines-you.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 55c8b00bfd680121fa4957c18c6f501a79b3d9fa67d8ca22ed931628868e970d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Tue, 12 Nov 2019 20:37:25 GMT server nginx/1.12.2 x-microcachable 0 etag "5dcb17f1-6c1a" x-hw 1589190201.cds043.pa1.hn,1589190201.cds005.pa1.sc,1589190201.dop115.sj3.r,1589190201.cds047.sj3.sc,1589190201.cds047.sj3.pr,1589190202.cds005.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 27674 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Petition728x90.jpg www.ntd.com/assets/themes/ntd/images/	27 KB 27 KB	604ms 599ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/Petition728x90.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 075d9b738ea19a15aceb231db75fb12a68550d29c63068699ffbfeea215c891e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 07 May 2020 14:51:35 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb42077-6c70" x-hw 1589190201.cds043.pa1.hn,1589190201.cds002.pa1.sc,1589190201.dop047.sj3.r,1589190202.cds119.sj3.sc,1589190202.cds119.sj3.pr,1589190202.cds002.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 27760 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	white.png www.ntd.com/assets/themes/ntd/images/	95 B 281 B	465ms 460ms	Image image/png	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/white.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-5f" x-hw 1589190201.cds043.pa1.hn,1589190201.cds046.pa1.sc,1589190201.dop116.sj3.r,1589190201.cds028.sj3.sc,1589190201.cds028.sj3.pr,1589190202.cds046.pa1.pr content-type image/png status 200 cache-control max-age=315360000 content-length 95 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	default-user.png www.ntd.com/assets/themes/ntd/images/	3 KB 3 KB	604ms 600ms	Image image/png	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/default-user.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 92a96977b3a5107b1c7c5bd8d603b01792eabfb32090695967f04b207b154c5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-a00" x-hw 1589190201.cds043.pa1.hn,1589190201.cds046.pa1.sc,1589190201.dop053.sj3.r,1589190202.cds049.sj3.sc,1589190202.cds049.sj3.pr,1589190202.cds046.pa1.pr content-type image/png status 200 cache-control max-age=315360000 content-length 2560 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	jwplayer8-all.js Show response vs.youmaker.com/js/jwplayer/	95 KB 30 KB	94ms 17ms	Script application/javascript	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 72f5c5e44c593d8fe36877e69a41858a3f21b63eec02d75d6395a6805feb7228 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip server nginx/1.16.1 x-hw 1589190201.cds045.pa1.hn,1589190201.cds042.pa1.c content-type application/javascript; charset=UTF-8 status 200 cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 30969 via 1.1 google
GET H2	200	api2.css vs.youmaker.com/css/	7 KB 2 KB	18ms 17ms	Stylesheet text/css	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/css/api2.css Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 9ecabfb81b446eb931e3def6a04d94f1a9d093c4cc3a7a9c549189893fbeb340 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip server nginx/1.16.1 x-hw 1589190201.cds045.pa1.hn,1589190201.cds009.pa1.c content-type text/css; charset=utf-8 status 200 cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 1712 via 1.1 google
GET H2	200	eff718d8-507c-47e8-a11a-aaebc49c9c6d Show response vs.youmaker.com/assets/player/	44 KB 11 KB	411ms 411ms	Script application/json	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/assets/player/eff718d8-507c-47e8-a11a-aaebc49c9c6d?r=1280x720&cat=shows/china-in-focus&api=2&url=https%3A%2F%2Fwww.ntd.com%2Fchina-in-focus-may-9-how-china-infiltrated-un_464370.html Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 8b0b087bf635a636954620f48d97abcf76d5f669f7d56c66f755b7be1f61325e Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip server nginx/1.16.1 status 200 x-hw 1589190201.cds045.pa1.hn,1589190201.cds014.pa1.sc,1589190201.dop002.ch4.r,1589190201.cds068.ch4.c,1589190201.cds014.pa1.p content-type application/json;charset=UTF-8 access-control-allow-origin * cache-control max-age=12 accept-ranges bytes alt-svc clear content-length 10841 via 1.1 google
GET H2	200	ntd_evening_news-front.jpg www.ntd.com/assets/themes/ntd/images/	59 KB 59 KB	603ms 598ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/ntd_evening_news-front.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 0fc60be60aaad3540ba4ce7e221c2f8ecee4721c01aa103ba7ac0408a51d7e02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sat, 22 Jun 2019 13:47:07 GMT server nginx/1.12.2 x-microcachable 0 etag "5d0e3148-ea17" x-hw 1589190201.cds043.pa1.hn,1589190201.cds040.pa1.sc,1589190201.dop111.sj3.r,1589190202.cds008.sj3.sc,1589190202.cds008.sj3.pr,1589190202.cds040.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 59927 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	china_in_focus-front.jpg www.ntd.com/assets/themes/ntd/images/	45 KB 45 KB	653ms 649ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/china_in_focus-front.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash ecb693df19b055a12d4622e5f7cbe0fa801e3af09fe92ba191df54d37716e84b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Tue, 25 Feb 2020 15:11:59 GMT server nginx/1.12.2 x-microcachable 0 etag "5e553932-b208" x-hw 1589190201.cds043.pa1.hn,1589190201.cds005.pa1.sc,1589190201.dop052.sj3.r,1589190202.cds031.sj3.sc,1589190202.cds031.sj3.pr,1589190202.cds005.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 45576 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	zooming_in-front.jpg www.ntd.com/assets/themes/ntd/images/	44 KB 44 KB	610ms 607ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/zooming_in-front.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 8106efadb8b3806f5e2b911f79a5f13d052f983b213829b9ad80f99fb3123d40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-b05d" x-hw 1589190201.cds043.pa1.hn,1589190201.cds042.pa1.sc,1589190201.dop048.sj3.r,1589190202.cds116.sj3.sc,1589190202.cds116.sj3.pr,1589190202.cds042.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 45149 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	china_uncensored-front.jpg www.ntd.com/assets/themes/ntd/images/	42 KB 42 KB	606ms 603ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/china_uncensored-front.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash c4c85f82add6560bf3761acceafbe6da742f9965bf15b2f8a2f4adb2a157ef9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-a795" x-hw 1589190201.cds043.pa1.hn,1589190201.cds020.pa1.sc,1589190201.dop053.sj3.r,1589190202.cds119.sj3.sc,1589190202.cds119.sj3.pr,1589190202.cds020.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 42901 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	legends_unfolding-front.jpg www.ntd.com/assets/themes/ntd/images/	44 KB 45 KB	642ms 638ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/legends_unfolding-front.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 4bc12cf21fc83d630c46b332bb2c7caeb810f36cdb95701a9ad70633efdbb317 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:15 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-b1cd" x-hw 1589190201.cds043.pa1.hn,1589190201.cds025.pa1.sc,1589190201.dop110.sj3.r,1589190202.cds074.sj3.sc,1589190202.cds074.sj3.pr,1589190202.cds025.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 45517 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	what-defines-you-front.jpg www.ntd.com/assets/themes/ntd/images/	27 KB 27 KB	622ms 618ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/what-defines-you-front.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash b373b8743baf9cc57fda35c2be2f7052c3384f39d241dfd3649558c5d29fae95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Tue, 12 Nov 2019 20:37:25 GMT server nginx/1.12.2 x-microcachable 0 etag "5dcb17f1-6af2" x-hw 1589190201.cds043.pa1.hn,1589190201.cds028.pa1.sc,1589190201.dop090.sj3.r,1589190202.cds066.sj3.sc,1589190202.cds066.sj3.pr,1589190202.cds028.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 27378 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	jquery-all.min.js Show response www.ntd.com/assets/themes/ntd/js/	98 KB 40 KB	451ms 450ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash faaacdeaaa6c8c811c5755310f94e79b4f39041e356a2ede0f6458be6ff1bc2d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:14 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-188ff" x-hw 1589190201.cds043.pa1.hn,1589190201.cds023.pa1.sc,1589190201.dop048.sj3.r,1589190201.cds114.sj3.sc,1589190201.cds114.sj3.pr,1589190202.cds023.pa1.pr content-type application/javascript; charset=utf-8 status 200 cache-control max-age=1800 content-length 40721 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	bottom.js Show response www.ntd.com/assets/themes/ntd/js/	19 KB 7 KB	457ms 450ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/js/bottom.js?ver=20170629 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 3b96049e7559c9fd23acf2d3592b14089f7e0434f2a7c3f92139a5cd61e9f121 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 06 Mar 2020 20:35:57 GMT server nginx/1.12.2 x-microcachable 0 etag "5e62b423-4d21" x-hw 1589190201.cds043.pa1.hn,1589190201.cds026.pa1.sc,1589190201.dop026.sj3.r,1589190201.cds067.sj3.sc,1589190201.cds067.sj3.pr,1589190202.cds026.pa1.pr content-type application/javascript; charset=utf-8 status 200 cache-control max-age=1800 content-length 6555 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	slick.js Show response www.ntd.com/assets/themes/ntd/js/	82 KB 19 KB	611ms 604ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/js/slick.js?ver=20160303 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 14 Mar 2019 15:11:14 GMT server nginx/1.12.2 x-microcachable 0 etag "5c8a6be0-14929" x-hw 1589190201.cds043.pa1.hn,1589190201.cds026.pa1.sc,1589190201.dop030.sj3.r,1589190202.cds096.sj3.sc,1589190202.cds096.sj3.pr,1589190202.cds026.pa1.pr content-type application/javascript; charset=utf-8 status 200 cache-control max-age=1800 content-length 18949 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	article_ads.js Show response www.ntd.com/assets/themes/ntd/js/	35 KB 10 KB	457ms 451ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20170224 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 7af2684e67a5acdab0c7aed20ba26b616544ed66f463b963bbedfd33933786ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 31 Jan 2020 17:05:13 GMT server nginx/1.12.2 x-microcachable 0 etag "5e345e3f-8d90" x-hw 1589190201.cds043.pa1.hn,1589190201.cds029.pa1.sc,1589190201.dop120.sj3.r,1589190201.cds056.sj3.sc,1589190201.cds056.sj3.pr,1589190202.cds029.pa1.pr content-type application/javascript; charset=utf-8 status 200 cache-control max-age=1800 content-length 10488 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	28ms 12ms	XHR application/javascript	13.225.86.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-86-250.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 02:04:58 GMT content-encoding gzip vary Accept-Encoding,Origin age 27503 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Thu, 09 Apr 2020 23:46:54 GMT server AmazonS3 access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript via 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA2-C2 x-amz-cf-id 0S4XhCJTZYGtFrl0OlHa-LWUUSZcyjMPF2AIm1O3HORr5nK-6krNfA==
GET H2	200	gtm.js Show response www.googletagmanager.com/	57 KB 21 KB	23ms 20ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TDQH75P Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 89b1a0f9a8dcbf2aa8aaaeaa155191bf6085fddbe17edb4239f69757ca8d9c0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21283 x-xss-protection 0 last-modified Mon, 11 May 2020 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 11 May 2020 09:43:21 GMT
GET H2	200	NTD_logo.png www.ntd.com/assets/themes/ntd/images/	4 KB 4 KB	463ms 463ms	Image image/png	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/themes/ntd/images/NTD_logo.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 37cfcc560d8ba1544806f7cf1cb7b2f6be2dd8ac6db8e3e7a41e85bb5e405dde Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/assets/themes/ntd/css/global.css?ver=20180618 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Thu, 26 Dec 2019 20:12:29 GMT server nginx/1.12.2 x-microcachable 0 etag "5e051420-f46" x-hw 1589190201.cds043.pa1.hn,1589190201.cds032.pa1.sc,1589190201.dop051.sj3.r,1589190201.cds111.sj3.sc,1589190202.cds111.sj3.pr,1589190202.cds032.pa1.pr content-type image/png status 200 cache-control max-age=315360000 content-length 3910 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET DATA	200 OK	truncated /	22 KB 22 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 40ceae6bd92a140b2e4e433abc54f77d6d5e7ec0ea55e93b47cea25b9d96a11d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer Origin https://www.ntd.com Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.5.5/	235 KB 58 KB	34ms 17ms	Script application/javascript	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.5.5/jwplayer.core.controls.js Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.8.0 / Resource Hash b42bc9808ac7826250c21597941c56744ee8ae6cda1303264146f6e427bf9cdf Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip age 469015 x-cache HIT status 200 content-length 59737 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Thu, 06 Sep 2018 20:23:24 GMT server nginx/1.8.0 x-timer S1589190202.745845,VS0,VE1 etag "a0935a9097c992aeb85470217127f7d0" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	googima.js Show response ssl.p.jwpcdn.com/player/plugins/googima/v/8.5.0/	48 KB 15 KB	23ms 7ms	Script text/plain	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.5.0/googima.js Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.8.0 / Resource Hash 0fd4a95129f60df367ba095d53f4147bd4720b8c1d4eb3f9d30ee40a4064d685 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip age 5642428 x-cache HIT status 200 content-length 15008 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 24 Aug 2018 18:08:08 GMT server nginx/1.8.0 x-timer S1589190202.745825,VS0,VE0 etag "2c7595808dc2f75b0ac9115a66c236fb" vary Accept-Encoding content-type text/plain via 1.1 varnish cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 12147
GET H2	200	jwpsrv.js Show response ssl.p.jwpcdn.com/player/v/8.5.5/	51 KB 16 KB	22ms 7ms	Script text/plain	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.5.5/jwpsrv.js Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.8.0 / Resource Hash f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip age 426 x-cache HIT status 200 content-length 16060 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Mon, 15 Jul 2019 19:54:58 GMT server nginx/1.8.0 x-timer S1589190202.745817,VS0,VE0 etag "9ce4655dbc7b8410f510da753f3be441" vary Accept-Encoding content-type text/plain via 1.1 varnish cache-control max-age=900, immutable accept-ranges bytes x-cache-hits 30
GET H2	200	related.js Show response ssl.p.jwpcdn.com/player/v/8.5.5/	94 KB 21 KB	21ms 7ms	Script application/javascript	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.5.5/related.js Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.8.0 / Resource Hash 24b523ea23dc7c9a4171816f9096810e291962a0df994043d91be861d8213251 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip age 16024992 x-cache HIT status 200 content-length 21046 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Thu, 06 Sep 2018 20:23:29 GMT server nginx/1.8.0 x-timer S1589190202.745797,VS0,VE0 etag "41f51460d1e191a5526deced222d5ceb" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 64102
GET H2	200	thumbnail_h.jpg vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/	121 KB 121 KB	19ms 18ms	Image image/jpeg	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/thumbnail_h.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 19f4e076b211f696cc2796d486539d81ffd96d8e2f276ea40527cbaacb141374 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190201.cds045.pa1.hn,1589190201.cds038.pa1.c content-type image/jpeg access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 124220
GET H2	200	Arrow.png vs.youmaker.com/img/	191 B 278 B	30ms 29ms	Image image/png	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://vs.youmaker.com/img/Arrow.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash cbe3d4a0e5bd00a308c882c4e0a9e276c4d79125143a6e2059dd90998181fd5d Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT via 1.1 google server nginx/1.16.1 x-hw 1589190201.cds045.pa1.hn,1589190201.cds015.pa1.c content-type image/png; charset=UTF-8 status 200 cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 191
GET H2	200	NTD_video_logo_thumbnail.png vs.youmaker.com/img/	6 KB 6 KB	284ms 284ms	Image image/png	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://vs.youmaker.com/img/NTD_video_logo_thumbnail.png Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash ad525c60a11751ad1110157afffe0aef51a5cb953ff46f88a832af8192e553e4 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT via 1.1 google server nginx/1.16.1 x-hw 1589190201.cds045.pa1.hn,1589190202.cds005.pa1.c content-type image/png; charset=UTF-8 status 200 cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 6055
GET H2	200	provider.hlsjs.js Show response ssl.p.jwpcdn.com/player/v/8.5.5/	282 KB 80 KB	31ms 17ms	Script application/javascript	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.8.0 / Resource Hash 5d68589f57aede8fec0f11156341a9b5ce259a8a17a64a19f29957de3a977407 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip age 16024993 x-cache HIT status 200 content-length 81996 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Thu, 06 Sep 2018 20:23:28 GMT server nginx/1.8.0 x-timer S1589190202.745769,VS0,VE1 etag "e326d1239177f0bf4cc5b763787fcbae" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 1
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 21:54:13 GMT server Golfe2 age 2822 date Mon, 11 May 2020 08:56:19 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18433 expires Mon, 11 May 2020 10:56:19 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	5 KB 2 KB	24ms 7ms	Script application/javascript	151.101.12.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip age 34811 x-cache HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" status 200 content-length 1954 x-served-by cache-fra19147-FRA last-modified Tue, 23 Jan 2018 20:09:00 GMT x-timer S1589190202.795331,VS0,VE0 etag "b7b33882a4f3ffd5cbf07434f3137166+gzip" vary Accept-Encoding,Host content-type application/javascript; charset=utf-8 via 1.1 varnish cache-control no-cache accept-ranges bytes
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	28ms 11ms	Script application/x-javascript	2.16.31.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 11 May 2020 09:43:21 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Tue, 12 May 2020 09:43:21 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	264 KB 90 KB	64ms 44ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5f07554fd87b2de2d7f413aad15a903fb3fe8e0b6993b0cac1beef9ed05d7580 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91857 x-xss-protection 0 expires Mon, 11 May 2020 09:43:21 GMT
GET H2	200	8Z4U0lMOEeSfryIACy4B0g.json Show response entitlements.jwplayer.com/	50 B 236 B	29ms 7ms	XHR application/json	152.199.22.243 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://entitlements.jwplayer.com/8Z4U0lMOEeSfryIACy4B0g.json Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.22.243 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frb/678A) / Resource Hash 4e79c52a8e8d4f7c4eb7792ac9865e6d4cd664717e584640a145b928dad1c062 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip last-modified Mon, 11 May 2020 06:32:47 GMT server ECAcc (frb/678A) age 11435 status 200 vary Accept-Encoding x-cache HIT content-type application/json access-control-allow-origin * cache-control max-age=1800, s-maxage=14760 accept-ranges bytes content-length 66
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j82&a=89527075&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ntd.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20an... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_gid=1232829682.1589190202&gjid=1122347964&_v=j82&z=1637691210 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_v=j82&z=1637691210 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_v=j82&z=1637691210&slf_rd=1&random=1584178407	42 B 109 B	19ms 18ms	Image image/gif	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_v=j82&z=1637691210&slf_rd=1&random=1584178407 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 11 May 2020 09:43:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 May 2020 09:43:21 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type text/html; charset=UTF-8 location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-128455718-1&cid=1571154102.1589190202&jid=428002467&_v=j82&z=1637691210&slf_rd=1&random=1584178407 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	reportad Show response vs.youmaker.com/	15 B 122 B	41ms 41ms	XHR application/json	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/reportad Requested by Host: vs.youmaker.com URL: https://vs.youmaker.com/js/jwplayer/jwplayer8-all.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers Referer https://www.ntd.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 11 May 2020 09:43:21 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190201.cds019.pa1.hn,1589190201.cds025.pa1.sc,1589190201.cds025.pa1.p content-type application/json;charset=UTF-8 access-control-allow-origin * alt-svc clear content-length 15
GET H/1.1	200 OK	directsdk.js Show response aka.spotxcdn.com/integration/directsdk/v1/ Redirect Chain https://js.spotx.tv/directsdk/v1/232511.js https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js	420 KB 156 KB	32ms 13ms	Script text/javascript	23.210.248.162 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.248.162 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-248-162.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1ebab26fbcab1b6f5b6e4b14917fe4f7985f71089a7b46daf57a2e23d3522884 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 11 May 2020 09:43:22 GMT Content-Encoding gzip Last-Modified Thu, 16 Jan 2020 20:21:58 UTC Server nginx Access-Control-Allow-Headers ETag 4e88d2917c85501940ef8787730bb9aa Vary Accept-Encoding Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=163 Connection keep-alive Timing-Allow-Origin * X-SpotX-Build-Version 1.31.0-20200116.1913 Content-Length 158787 Redirect headers Pragma no-cache Date Mon, 11 May 2020 09:43:21 GMT Last-Modified Mon, 11 May 2020 09:43:21 UTC Server nginx Location //aka.spotxcdn.com/integration/directsdk/v1/directsdk.js Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 80 Connection keep-alive Timing-Allow-Origin * Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	playlist.m3u8 Show response vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/	402 B 564 B	68ms 26ms	XHR application/x-mpegurl	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/playlist.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 893a050d883d04ea28f5979b30ac0631541cbb0ca15bf8c92be50e9f6537d3dd Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190201.cds019.pa1.hn,1589190201.cds046.pa1.c content-type application/x-mpegurl access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 402
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=24003086&ns__t=1589190201904&ns_c=UTF-8&cv=3.5&c8=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&c7=https%3A%2F%2Fwww.ntd.com%2F&c9= https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1589190201904&ns_c=UTF-8&cv=3.5&c8=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&c7=https%3A%2F%2Fwww.ntd.com%2F&c9=	0 248 B	9ms 9ms	Image text/plain	2.16.31.65 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1589190201904&ns_c=UTF-8&cv=3.5&c8=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&c7=https%3A%2F%2Fwww.ntd.com%2F&c9= Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-31-65.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:21 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&ns__t=1589190201904&ns_c=UTF-8&cv=3.5&c8=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&c7=https%3A%2F%2Fwww.ntd.com%2F&c9= Pragma no-cache Date Mon, 11 May 2020 09:43:21 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	adsct t.co/i/	43 B 170 B	124ms 123ms	Image image/gif	104.244.42.69 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.69 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff status 200, 200 OK x-twitter-response-tags BouncerCompliant content-length 65 x-xss-protection 0 x-response-time 111 pragma no-cache last-modified Mon, 11 May 2020 09:43:21 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 0ccfa4f5c1bed93a0e383a7ed5097975 x-transaction 003e8e310065c11c expires Tue, 31 Mar 1981 05:00:00 GMT
GET H2	200	bridge3.384.1_en.html imasdk.googleapis.com/js/core/ Frame A647	0 0	6ms 6ms	Document text/html	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.384.1_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.384.1_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 199092 date Mon, 11 May 2020 04:35:02 GMT expires Tue, 11 May 2021 04:35:02 GMT last-modified Mon, 04 May 2020 23:23:08 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 18499 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	26 KB 11 KB	61ms 40ms	Script text/javascript	2a00:1450:4001:814::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10523 x-xss-protection 0 expires Mon, 11 May 2020 09:43:21 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	16ms 15ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.ntd.com Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 May 2020 09:43:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	playlist.m3u8 Show response vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_240p/	6 KB 6 KB	29ms 29ms	XHR application/x-mpegurl	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_240p/playlist.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 3b74f03c7fdc1911be75ade9887fe7fa280efd317306540eea5f298ca117f355 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190201.cds019.pa1.hn,1589190201.cds038.pa1.c content-type application/x-mpegurl access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 6096
GET H2	200	out0000.ts Show response vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_240p/	570 KB 570 KB	26ms 26ms	XHR application/octet-stream	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_240p/out0000.ts Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 0ff44c2f65694dfaafeb30590493ca7470e49cdbd216b4919ec9db6c876bc822 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:21 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190201.cds019.pa1.hn,1589190201.cds008.pa1.c content-type application/octet-stream access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 583740
GET BLOB	200 OK	8f655883-4a21-45ac-b81f-3fa4ff44ea67 https://www.ntd.com/	63 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ntd.com/8f655883-4a21-45ac-b81f-3fa4ff44ea67 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash da0b6bd768635441dc20b2b8a7a185c27ef9eb812836b810390697a173addd1d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 64094 Content-Type text/javascript
GET H2	200	digitrust.min.js Show response cdn.digitru.st/prod/1/	49 KB 14 KB	47ms 9ms	Script application/javascript	2a01:4a0:1338:28::c38a:ff10 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://cdn.digitru.st/prod/1/digitrust.min.js Requested by Host: aka.spotxcdn.com URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software DTOrigin-AK / Resource Hash 64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip last-modified Wed, 08 Jan 2020 20:51:16 GMT server DTOrigin-AK status 200 etag "4075fa912cfaa93cb7d74358264fe3b9" vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-origin * cache-control max-age=77532 accept-ranges bytes content-type application/javascript content-length 13628 expires Tue, 12 May 2020 07:15:34 GMT
GET H/1.1	204	partner sync.search.spotxchange.com/ Redirect Chain https://sync.search.spotxchange.com/partner?source=dados https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=da4ea81d-936b-11ea-9188-13b80d861d06	0 588 B	236ms 236ms	Image text/plain	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=da4ea81d-936b-11ea-9188-13b80d861d06 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-spotx-halt-type Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist Date Mon, 11 May 2020 09:43:22 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 46 Connection keep-alive Content-Length 0 Redirect headers Date Mon, 11 May 2020 09:43:22 GMT Server nginx Location /partner?source=dados&__user_check__=1&sync_id=da4ea81d-936b-11ea-9188-13b80d861d06 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 115 Connection keep-alive Content-Length 0
GET H2	200	playlist.m3u8 Show response vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_720p/	7 KB 7 KB	26ms 25ms	XHR application/x-mpegurl	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_720p/playlist.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash ca701749811586fb600a883f08c8f3bb415d811debbef508bbf8bb5a0e79588b Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190202.cds019.pa1.hn,1589190202.cds019.pa1.c content-type application/x-mpegurl access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 6897
GET H2	200	out0000.ts Show response vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_720p/	3 MB 3 MB	28ms 27ms	XHR application/octet-stream	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://vs.youmaker.com/assets/2020/0509/eff718d8-507c-47e8-a11a-aaebc49c9c6d/hls_720p/out0000.ts Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.5.5/provider.hlsjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 6c182930a59549fc0e9ea8d04175bc7773e180c8a2484e04af80b513da70dc99 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT via 1.1 google server nginx/1.16.1 status 200 x-hw 1589190202.cds019.pa1.hn,1589190202.cds019.pa1.c content-type application/octet-stream access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes alt-svc clear content-length 3007624
GET H2	200	bidexchange.js Show response hbx.media.net/	391 KB 108 KB	82ms 43ms	Script text/javascript	23.202.52.26 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/ntd/js/article_ads.js?ver=20170224 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.202.52.26 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-202-52-26.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 0f6ba2c81a869e978f4228932c718d9478d59372a9b9e7a023dfa387a66db2e0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip server Apache date Mon, 11 May 2020 09:43:22 GMT vary Accept-Encoding x-mnet-h E content-type text/javascript; charset=utf-8 status 200 cache-control max-age=1800 expires Mon, 11 May 2020 10:13:22 GMT
GET H2	200	adsct Show response analytics.twitter.com/i/	31 B 388 B	138ms 137ms	Script application/javascript	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyi8c&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ntd.com%2F Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" status 200, 200 OK x-twitter-response-tags BouncerCompliant strict-transport-security max-age=631138519 content-length 57 x-xss-protection 0 x-response-time 122 pragma no-cache last-modified Mon, 11 May 2020 09:43:22 GMT server tsa_o x-frame-options SAMEORIGIN content-type application/javascript;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 129fdd8c7d20fa213e4ac3dce45b644d x-transaction 0035c92400fec6a6 expires Tue, 31 Mar 1981 05:00:00 GMT
GET H2	200	disinfectant-spray_suifeihe_heilongjiang_china-900x506.jpg www.ntd.com/assets/uploads/2020/05/	87 KB 87 KB	1032ms 1028ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/disinfectant-spray_suifeihe_heilongjiang_china-900x506.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash fc08efe11054a4741e15ba4c978b742a1d0f0fa64d90e86d68bf4bb62f036bc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:23 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 22:48:38 GMT server nginx/1.12.2 etag "5eb884c6-15c65" x-hw 1589190202.cds043.pa1.hn,1589190202.cds027.pa1.sc,1589190202.dop048.sj3.r,1589190203.cds114.sj3.sc,1589190203.cds114.sj3.pr,1589190203.cds027.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 89189 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Saundra-Andringa-Meuer-COVID-19-patient-400x225.jpg www.ntd.com/assets/uploads/2020/05/	17 KB 17 KB	596ms 591ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/Saundra-Andringa-Meuer-COVID-19-patient-400x225.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash fd744602706e64d715e8791b95444a610bde461b63f02c60af9a0b29f7df4fe9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 19:16:54 GMT server nginx/1.12.2 etag "5eb85326-4457" x-hw 1589190202.cds043.pa1.hn,1589190202.cds034.pa1.sc,1589190202.dop094.sj3.r,1589190202.cds113.sj3.sc,1589190202.cds113.sj3.pr,1589190202.cds034.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 17495 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Wall-Street-Pandemic-400x225.jpg www.ntd.com/assets/uploads/2020/05/	25 KB 25 KB	599ms 594ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/Wall-Street-Pandemic-400x225.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash dc1d5ba5ae046483c813abd55b3aa7adb754d6d290ecdca11227a1349bf432e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sat, 09 May 2020 16:37:27 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb6dc47-64de" x-hw 1589190202.cds043.pa1.hn,1589190202.cds041.pa1.sc,1589190202.dop122.sj3.r,1589190202.cds050.sj3.sc,1589190202.cds050.sj3.pr,1589190202.cds041.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 25822 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	New-York-Governor-Andrew-Cuomo--e1589142835938-400x225.jpg www.ntd.com/assets/uploads/2020/05/	18 KB 18 KB	595ms 591ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/New-York-Governor-Andrew-Cuomo--e1589142835938-400x225.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 8e1240e79a868b9f667902c5107b2fc0686672a0e138b3733aa8416067b7ef73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 20:46:47 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb86837-4744" x-hw 1589190202.cds043.pa1.hn,1589190202.cds034.pa1.sc,1589190202.dop092.sj3.r,1589190202.cds104.sj3.sc,1589190202.cds104.sj3.pr,1589190202.cds034.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 18244 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	UK-PM-Boris-Johnson-400x225.jpg www.ntd.com/assets/uploads/2020/05/	17 KB 17 KB	594ms 590ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/UK-PM-Boris-Johnson-400x225.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash fb93e71bbab775c6e93dbd89cbc7653eca3b70578dd001b5c08454e1cfd4f30a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 19:36:54 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb857d6-4293" x-hw 1589190202.cds043.pa1.hn,1589190202.cds024.pa1.sc,1589190202.dop021.sj3.r,1589190202.cds077.sj3.sc,1589190202.cds077.sj3.pr,1589190202.cds024.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 17043 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	us-migrant-482x271.jpg www.ntd.com/assets/uploads/2020/05/	28 KB 28 KB	611ms 607ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/us-migrant-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 7629722213cb1b3abd9bcbbbc0bcd5f868694e19755a0ac455895051bc161c1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Mon, 11 May 2020 08:54:20 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb912bc-703b" x-hw 1589190202.cds043.pa1.hn,1589190202.cds014.pa1.sc,1589190202.dop099.sj3.r,1589190202.cds008.sj3.c,1589190202.cds014.pa1.p content-type image/jpeg status 200 cache-control max-age=315360000 content-length 28731 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	china-vaccine-482x271.jpg www.ntd.com/assets/uploads/2020/05/	26 KB 26 KB	612ms 608ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/china-vaccine-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 16f009a74567b1d8e2784f633f75b9851c4f8ec7029a852822a039ccaf8e45c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Mon, 11 May 2020 08:46:23 GMT server nginx/1.12.2 etag "5eb910df-672b" x-hw 1589190202.cds043.pa1.hn,1589190202.cds045.pa1.sc,1589190202.dop008.sj3.r,1589190202.cds103.sj3.c,1589190202.cds045.pa1.p content-type image/jpeg status 200 cache-control max-age=315360000 content-length 26411 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	N95-mask_3M-482x271.jpg www.ntd.com/assets/uploads/2020/05/	21 KB 22 KB	30ms 27ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/N95-mask_3M-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 09617b34465716b1c586d8461102ff1fffd062cc8eb7a94ec0faf3997143295f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Wed, 06 May 2020 04:36:56 GMT server nginx/1.12.2 etag "5eb23ee8-5592" x-hw 1589190202.cds043.pa1.hn,1589190202.cds026.pa1.c content-type image/jpeg status 200 cache-control max-age=315360000 content-length 21906 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	TikTok-482x271.jpg www.ntd.com/assets/uploads/2020/01/	24 KB 24 KB	29ms 26ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/01/TikTok-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 675be486f8029100ae56b824ae735406f071f28fc662642b06c4dd31c6ee3b1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 05 Jan 2020 16:01:03 GMT server nginx/1.12.2 etag "5e12083f-5ebf" x-hw 1589190202.cds043.pa1.hn,1589190202.cds039.pa1.c content-type image/jpeg status 200 cache-control max-age=315360000 content-length 24255 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Hiker-rescued-Angel-Falls-by-off-duty-officer-2020-05-10-482x271.jpg www.ntd.com/assets/uploads/2020/05/	26 KB 27 KB	29ms 26ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/Hiker-rescued-Angel-Falls-by-off-duty-officer-2020-05-10-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 76a1d53589973a1ce2781b7e6ae0643a61977e10f2836d5d6aed1ddd8a4d72d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 20:16:56 GMT server nginx/1.12.2 etag "5eb86138-69c9" x-hw 1589190202.cds043.pa1.hn,1589190202.cds040.pa1.c content-type image/jpeg status 200 cache-control max-age=315360000 content-length 27081 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Mexico-nurse-with-sign-1-482x271.jpg www.ntd.com/assets/uploads/2020/05/	23 KB 24 KB	751ms 748ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/Mexico-nurse-with-sign-1-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash d89290889ab63942b6ba9d16ed7ab4a72cf3cc1f201bae6cf55c58b15935ae5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 15:17:03 GMT server nginx/1.12.2 etag "5eb81aef-5dd5" x-hw 1589190202.cds043.pa1.hn,1589190202.cds030.pa1.sc,1589190202.dop121.sj3.r,1589190202.cds028.sj3.sc,1589190202.cds028.sj3.pr,1589190202.cds030.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 24021 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	May-snow-in-Massachusetts-e1589115564705-482x271.jpg www.ntd.com/assets/uploads/2020/05/	30 KB 31 KB	629ms 626ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/May-snow-in-Massachusetts-e1589115564705-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 5c5975ee1709e53863e22236d0f07148049698deb9159f9077c0ad9cbcc5512b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 13:12:16 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb7fdb0-7932" x-hw 1589190202.cds043.pa1.hn,1589190202.cds034.pa1.sc,1589190202.dop021.sj3.r,1589190202.cds095.sj3.sc,1589190202.cds095.sj3.pr,1589190202.cds034.pa1.p content-type image/jpeg status 200 cache-control max-age=315360000 content-length 31026 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	CCP-virus-test-Japan-482x271.jpg www.ntd.com/assets/uploads/2020/05/	24 KB 24 KB	607ms 604ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/05/CCP-virus-test-Japan-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 0db3bf8b8918acfce0d9524d9f97d7e9a4064d1372ec3eccad423750e0e23c51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sun, 10 May 2020 12:44:54 GMT server nginx/1.12.2 x-microcachable 0 etag "5eb7f746-6028" x-hw 1589190202.cds043.pa1.hn,1589190202.cds045.pa1.sc,1589190202.dop015.sj3.r,1589190202.cds105.sj3.sc,1589190202.cds105.sj3.pr,1589190202.cds045.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 24616 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Elon-Musk-e1575684614800-482x271.jpg www.ntd.com/assets/uploads/2019/12/	15 KB 15 KB	385ms 382ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2019/12/Elon-Musk-e1575684614800-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash a0b3ccb443ac4578145cca7620ca3a2b1d26605ee7ec4c3497270dcf37d04435 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sat, 07 Dec 2019 02:10:14 GMT server nginx/1.12.2 x-microcachable 0 etag "5deb0a06-3d33" x-hw 1589190202.cds043.pa1.hn,1589190202.cds009.pa1.c content-type image/jpeg status 200 cache-control max-age=315360000 content-length 15667 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	1321d3e2d9703d800e01c470765cb588-482x271.jpg www.ntd.com/assets/uploads/2020/03/	23 KB 23 KB	608ms 605ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/03/1321d3e2d9703d800e01c470765cb588-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash bf14bc5b7869459d4b20ba86c27583e5863e4db737d1da73d84ed45cf6553c15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sat, 21 Mar 2020 01:34:39 GMT server nginx/1.12.2 x-microcachable 0 etag "5e756f2f-5c4c" x-hw 1589190202.cds043.pa1.hn,1589190202.cds008.pa1.sc,1589190202.dop053.sj3.r,1589190202.cds075.sj3.sc,1589190202.cds075.sj3.pr,1589190202.cds008.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 23628 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	Carlie-Facer-482x271.jpg www.ntd.com/assets/uploads/2020/03/	18 KB 18 KB	607ms 605ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://www.ntd.com/assets/uploads/2020/03/Carlie-Facer-482x271.jpg Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx/1.12.2 / Resource Hash 47e21071ebffee83ed3cfbd6bd3c899ba96309d1a53e2a1f0f31ecb59205730f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT x-content-type-options nosniff last-modified Sat, 21 Mar 2020 01:36:31 GMT server nginx/1.12.2 x-microcachable 0 etag "5e756f9f-48af" x-hw 1589190202.cds043.pa1.hn,1589190202.cds046.pa1.sc,1589190202.dop014.sj3.r,1589190202.cds048.sj3.sc,1589190202.cds048.sj3.pr,1589190202.cds046.pa1.pr content-type image/jpeg status 200 cache-control max-age=315360000 content-length 18607 accept-ranges bytes x-device desktop x-xss-protection 1; mode=block
GET H2	200	dt.html cdn.digitru.st/prod/1.5.41/ Frame AFD8	0 0	8ms 7ms	Document text/html	2a01:4a0:1338:28::c38a:ff10 NETZBETRIEB-GMBH
General Check archive.org Show headers Download Go to Full URL https://cdn.digitru.st/prod/1.5.41/dt.html Requested by Host: cdn.digitru.st URL: https://cdn.digitru.st/prod/1/digitrust.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE), Reverse DNS Software DTOrigin-AK / Resource Hash Request headers :method GET :authority cdn.digitru.st :scheme https :path /prod/1.5.41/dt.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 last-modified Wed, 08 Jan 2020 20:51:16 GMT etag "9223f2606b924de3a6346b0126773a9e" accept-ranges bytes content-type text/html vary Accept-Encoding content-encoding gzip cache-control max-age=86400 expires Tue, 12 May 2020 09:43:22 GMT date Mon, 11 May 2020 09:43:22 GMT content-length 1951 server DTOrigin-AK access-control-allow-origin * p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	rtbsmpubs.php Show response hbx.media.net/	57 KB 2 KB	173ms 172ms	Script text/javascript	23.202.52.26 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8CUBNN02K&region=nv&ptrid=8PRL4E7N3&requestString=154127862*97%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40154127862*159%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*175%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*178%7C300x250~336x280%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*214%7C336x280~300x250%7C8CUBNN02K%7C154127862_8CUBNN02K~154127862_8CUBNN02K%40154127862*222%7C336x280%7C8CUBNN02K%7C154127862_8CUBNN02K%40219315283*97%7C300x250~300x600%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40219315283*159%7C300x250~300x600%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*175%7C300x250~300x600%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*178%7C300x600~300x250%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*214%7C300x250~336x280%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40219315283*222%7C336x280~300x250%7C8CUBNN02K%7C219315283_8CUBNN02K~219315283_8CUBNN02K%40361572443*97%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40361572443*159%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*175%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*178%7C336x280~300x250%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*214%7C300x250~336x280%7C8CUBNN02K%7C361572443_8CUBNN02K~361572443_8CUBNN02K%40361572443*222%7C300x250%7C8CUBNN02K%7C361572443_8CUBNN02K%40432445934*97%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40432445934*159%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*175%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*178%7C336x280~300x250%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*214%7C300x250~336x280%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40432445934*222%7C336x280~300x250%7C8CUBNN02K%7C432445934_8CUBNN02K~432445934_8CUBNN02K%40457067574*97%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40457067574*159%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*175%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*178%7C300x600~300x250%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*214%7C300x250~300x600%7C8CUBNN02K%7C457067574_8CUBNN02K~457067574_8CUBNN02K%40457067574*222%7C300x250%7C8CUBNN02K%7C457067574_8CUBNN02K%40822340472*97%7C300x250~336x280%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40822340472*159%7C300x250~336x280%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*175%7C300x250~336x280%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*178%7C336x280~300x250%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*214%7C300x100~320x100~300x250%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%40822340472*222%7C300x250~320x100~300x100%7C8CUBNN02K%7C822340472_8CUBNN02K~822340472_8CUBNN02K~822340472_8CUBNN02K%40833186455*97%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40833186455*159%7C336x280~300x250%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*175%7C336x280~300x250%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*178%7C336x280~300x250%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*214%7C300x250~336x280%7C8CUBNN02K%7C833186455_8CUBNN02K~833186455_8CUBNN02K%40833186455*222%7C300x250%7C8CUBNN02K%7C833186455_8CUBNN02K%40839126647*97%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40839126647*159%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*175%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*178%7C300x250~336x280%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*214%7C300x250~336x280~300x600%7C8CUBNN02K%7C839126647_8CUBNN02K~839126647_8CUBNN02K~839126647_8CUBNN02K%40839126647*222%7C300x250%7C8CUBNN02K%7C839126647_8CUBNN02K%40895788568*97%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*126%7C300x250~300x600~320x50~300x50~728x90~970x250~190x90~160x600~336x280~970x90%7C8CUBNN02K%7C_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182~_200182%40895788568*159%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*175%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*178%7C300x600~300x250%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*214%7C300x250~300x600%7C8CUBNN02K%7C895788568_8CUBNN02K~895788568_8CUBNN02K%40895788568*222%7C300x250%7C8CUBNN02K%7C895788568_8CUBNN02K&crid=154127862%2C219315283%2C361572443%2C432445934%2C457067574%2C822340472%2C833186455%2C839126647%2C895788568&sd=1&requrl=https%3A%2F%2Fwww.ntd.com%2F&bl=1&rt=5&dn=https://www.ntd.com&https=1&act=headerBid&prvReqId=197953863694461371589190202389&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.9315235406408611&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1200%2C%22ph%22%3A14781%7D&itype=HB&cc=DE&rc=HE&ct=FRANKFURT&prid=8PRVCXX19&ssa=1&switch=1&callback=window.advBidxc.rtbsheaderBid1S0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.202.52.26 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-202-52-26.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 3527ec8c18aad040671d26cddce03f04ac9983918b5412d4ef5adf58ef474f63 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 content-encoding gzip server Apache date Mon, 11 May 2020 09:43:22 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control max-age=0, no-cache, no-store timing-allow-origin * content-length 2007 x-mnet-hl2 E expires Mon, 11 May 2020 09:43:22 GMT
GET H2	200	checksync.php hbx.media.net/ Frame CB6F	0 0	31ms 30ms	Document text/html	23.202.52.26 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUBNN02K&prvid=80%2C97%2C109%2C126%2C148%2C157%2C159%2C175%2C178%2C186%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C3008%2C3014%2C3015&rtime=29&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.202.52.26 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-202-52-26.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers :method GET :authority hbx.media.net :scheme https :path /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUBNN02K&prvid=80%2C97%2C109%2C126%2C148%2C157%2C159%2C175%2C178%2C186%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C3008%2C3014%2C3015&rtime=29&https=1&gdpr=1&gdprconsent=2&usp_status=0&usp_consent=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US cookie gdpr_status=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 server Apache content-type text/html; charset=UTF-8 set-cookie gdpr_status=1; Expires=Thu, 12 Nov 2020 09:43:22 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2321918022086837000V10; Expires=Tue, 11 May 2021 09:43:22 GMT; domain=.media.net; Path=/; sameSite=none; secure=true x-mnet-hl2 E p3p CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA strict-transport-security max-age=604800 vary Accept-Encoding content-encoding gzip cache-control max-age=28404 expires Mon, 11 May 2020 17:36:46 GMT date Mon, 11 May 2020 09:43:22 GMT content-length 6955
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	46 KB 15 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 062e879de4e77579c4a5246b16a65ef7a8dc7f1fb0f0efa3b3b828998dfab4cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "512 / 896 of 1000 / last-modified: 1588968800" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 15400 x-xss-protection 0 expires Mon, 11 May 2020 09:43:22 GMT
GET H2	200	pubads_impl_2020043001.js Show response securepubads.g.doubleclick.net/gpt/	239 KB 86 KB	58ms 43ms	Script text/javascript	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software sffe / Resource Hash 2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 13:07:28 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87920 x-xss-protection 0 expires Mon, 11 May 2020 09:43:22 GMT
POST H/1.1	204 No Content	232511 Show response search.spotxchange.com/openrtb/2.3/dados/	0 1 KB	157ms 75ms	XHR application/json	185.94.180.124 SPOTX-AMS
General Check archive.org Show headers Download Go to Full URL https://search.spotxchange.com/openrtb/2.3/dados/232511 Requested by Host: aka.spotxcdn.com URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ x-openrtb-version 2.3 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-spotx-Exception-RESULT exception Date Mon, 11 May 2020 09:43:22 GMT Access-Control-Allow-Methods POST, GET, PATCH, DELETE, OPTIONS X-SpotX-Timing-Transform 0.000219 X-spotx-Exception-Message SpotMarket execution was halted. X-SpotX-Timing-Page-Mux 0.000260 X-spotx-Exception-conf-Message Channel ID '232511' has no active deals. X-SpotX-Timing-Page-Require 0.000361 X-fe 116 Connection keep-alive X-SpotX-Timing-Page 0.048305 X-SpotX-Timing-Page-Cookie 0.000021 X-spotx-Exception-conf-ID SPOTMARKET.DEALS_INACTIVE Pragma no-cache X-SpotX-Timing-Page-Context 0.000432 Last-Modified Mon, 11 May 2020 09:43:22 GMT Server nginx Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0 X-SpotX-Timing-SpotMarket-Primary 0.044289 X-spotx-Exception-conf-RESULT failure Content-Type application/json Access-Control-Allow-Origin https://www.ntd.com X-SpotX-Timing-Page-Misc 0.002696 X-SpotX-Timing-Page-Exception 0.000016 X-SpotX-Timing-SpotMarket-Secondary 0.000000 X-SpotX-Timing-Page-URI 0.000011 X-spotx-Exception-ID SPOTMARKET.HALTED Access-Control-Allow-Headers X-SpotX-Timing-SpotMarket 0.044289 Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	124 B 503 B	163ms 162ms	XHR text/javascript	13.225.86.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2F&pid=mYzdxuWAhq1tW&cb=0&ws=1600x1200&v=7.49.02&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-1%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-86-250.fra2.r.cloudfront.net Software Server / Resource Hash de432bb7a9a6878e9b090dc55b44dcf20ca86d201e482c42326da086ad9c79f3 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip server Server x-amz-cf-pop FRA2-C2 status 200 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true timing-allow-origin * content-length 131 via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) x-amz-cf-id tFYgqg9iArFnKNo3Gnkh2N0pcXur6zukIq3iIsUhfGVBv3lX1Eouyw==
POST H/1.1	200 OK	cookie_sync Show response prebid.adnxs.com/pbs/v1/	42 B 398 B	45ms 14ms	XHR application/json	37.252.161.190 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/cookie_sync Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.ams1.adnexus.net Software nginx/1.13.10 / Resource Hash 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:24 GMT Server nginx/1.13.10 Vary Origin Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 42 Expires 0
POST H/1.1	200 OK	auction Show response prebid.adnxs.com/pbs/v1/openrtb2/	149 B 491 B	439ms 409ms	XHR application/json	37.252.161.190 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/openrtb2/auction Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.ams1.adnexus.net Software nginx/1.13.10 / Resource Hash 57576985e115312a8c07f3c6b25daff807c572ce32c763b7603650e70c3dc726 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:25 GMT Server nginx/1.13.10 Vary Origin Content-Type application/json Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 149 Expires 0
GET H2	200	imp Show response g2.gumgum.com/hbid/	469 B 748 B	120ms 58ms	XHR application/json	54.154.22.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?si=32030&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.ntd.com&ns=10240&dt=Fu5WpZ%2Fw75H0fZYZdYrvRvx%2FMck5mZoPU6t8Df5HCg2E7nxqEbZDSfHDfstxLdV2j65JjcPALLeX0ouAk30VxlLsx2oK5LieEe98VlbtVj7DoEt%2F0LWxsL4nH3qzCifudbnRrzBhKp%2BoyaO9RPrJ9joUC56uAh6%2FxCwgVnt8igf7eI%2BybenhPFD9UKPvf3M%2Bytd0sCrK%2FR1644706HXPjX%2F7MnWxUxJ50%2FEuQMMaihvHOgznDsJZY4vq%2BjLDJpqi%2Fw2usD1WWIT%2FL0KzWJdaayEibJ%2BBhrIs89ev38YUZuacX0z8E%2B%2FfNy6%2FIwTYp8mUmqClSq7zx9r2aTpMk09aOQ%3D%3D& Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.22.70 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-22-70.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 46ccf75757129e52e5d97982f07aa63765d1234f8a367fbf5605d2490ee7e3a8 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://www.ntd.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 295 B	82ms 67ms	XHR application/json	2.18.232.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-7.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip status 200 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.ntd.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Mon, 11 May 2020 09:43:22 GMT
GET H2	200	ADTECH;apid=1Adaf0d852-936b-11ea-b0c2-1237df373440;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736 Show response adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ Redirect Chain https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736; https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736 https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adaf0d852-936b-11ea-b0c2-1237df373440;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=15...	944 B 1 KB	137ms 137ms	XHR application/json	2606:2800:233:97b6:26be:138a:cba8:bb01 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adaf0d852-936b-11ea-b0c2-1237df373440;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Adtech Adserver / Resource Hash bd23b50f07780960dd80e1ec551cb4dd397b9570b3995a290cfc09851c475483 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 11 May 2020 09:43:23 GMT server Adtech Adserver status 200 access-control-allow-methods POST,GET,HEAD,OPTIONS p3p CP="NOI DSP DEVa OUR BUS UNI COM NAV INT" access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache access-control-allow-credentials true content-type application/json content-length 944 expires Mon, 15 Jun 1998 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 May 2020 09:43:23 GMT server nginx status 302 location https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adaf0d852-936b-11ea-b0c2-1237df373440;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=238e2246db61a6f;misc=1589190202736 access-control-allow-methods POST,GET,HEAD,OPTIONS p3p CP="NOI DSP DEVa OUR BUS UNI COM NAV INT" access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache access-control-allow-credentials true content-length 0 expires Mon, 15 Jun 1998 00:00:00 GMT
GET H/1.1	200 OK	cygnus Show response as-sec.casalemedia.com/	25 B 985 B	89ms 69ms	XHR application/json	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=360711&v=7.2&r=%7B%22id%22%3A%2215bd2f2a366ca7f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22168851fa546cbd4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360711%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1& Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 921c1f3f8a41502da0023d8bdcdbea79940dfa41740fce06bcf847104f968f6b Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:22 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Access-Control-Allow-Origin https://www.ntd.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 45 Expires Mon, 11 May 2020 09:43:22 GMT
POST H2	204	v1 Show response dmx.districtm.io/b/	0 62 B	46ms 18ms	XHR text/plain	104.16.190.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Mon, 11 May 2020 09:43:22 GMT server cloudflare status 204 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://www.ntd.com access-control-allow-credentials true cf-ray 591af48f5856fa7c-AMS access-control-allow-headers Content-Type, Origin cf-request-id 02a4b72d950000fa7c43a60200000001
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	55ms 29ms	XHR application/json	185.33.220.242 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 2b4ca86ead21aaacbf4b77a63e3f3a13dddbd159776bc9f766c54954454d7595 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:24 GMT X-Proxy-Origin 185.220.70.68; 185.220.70.68; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.56:80 AN-X-Request-Uuid afe354ec-6780-444a-897f-702b16eb3257 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 2 KB	137ms 105ms	XHR application/json	69.173.144.141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&dt.id=Fu5WpZ%2Fw75H0fZYZdYrvRvx%2FMck5mZoPU6t8Df5HCg2E7nxqEbZDSfHDfstxLdV2j65JjcPALLeX0ouAk30VxlLsx2oK5LieEe98VlbtVj7DoEt%2F0LWxsL4nH3qzCifudbnRrzBhKp%2BoyaO9RPrJ9joUC56uAh6%2FxCwgVnt8igf7eI%2BybenhPFD9UKPvf3M%2Bytd0sCrK%2FR1644706HXPjX%2F7MnWxUxJ50%2FEuQMMaihvHOgznDsJZY4vq%2BjLDJpqi%2Fw2usD1WWIT%2FL0KzWJdaayEibJ%2BBhrIs89ev38YUZuacX0z8E%2B%2FfNy6%2FIwTYp8mUmqClSq7zx9r2aTpMk09aOQ%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Fwww.ntd.com%2F&tk_flint=pbjs_lite_v3.5.0&x_source.tid=18a4d00f-2fc3-4555-9026-762981552050&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10264699907442276 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software RAS 2.4 / Resource Hash 640656da246f7660146cd9c19802ed67ff1b13b2bb03c627179f8dd55c4fa29c Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:22 GMT Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection Keep-Alive Content-Type application/json Keep-Alive timeout=5, max=367 Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	124 B 504 B	96ms 96ms	XHR text/javascript	13.225.86.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.ntd.com%2F&pid=mYzdxuWAhq1tW&cb=1&ws=1600x1200&v=7.49.02&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5965368%2Fntd.tv_336x280-3%22%7D%5D&pubid=ae51d432-b517-4c68-9f8a-22444acccbb5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-86-250.fra2.r.cloudfront.net Software Server / Resource Hash 8f8420558edd7c376064b59b9d13484367d1f8c471a898c873d555781557d8bd Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip server Server x-amz-cf-pop FRA2-C2 status 200 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.ntd.com access-control-allow-credentials true timing-allow-origin * content-length 131 via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) x-amz-cf-id YXc3tRRXklXLMIfqmHadsFvh_R7l60jM8DM4lMFtv-gue6ojCTuLHw==
POST H/1.1	200 OK	auction Show response prebid.adnxs.com/pbs/v1/openrtb2/	148 B 490 B	142ms 114ms	XHR application/json	37.252.161.190 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/openrtb2/auction Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.ams1.adnexus.net Software nginx/1.13.10 / Resource Hash 5f9d58b921e0c8ed07767087c675f58494c6314f7a6b6d914ef940f76e36b1a0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:24 GMT Server nginx/1.13.10 Vary Origin Content-Type application/json Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 148 Expires 0
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 2 KB	140ms 104ms	XHR application/json	69.173.144.141 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21332&site_id=279204&zone_id=1401034&size_id=15&dt.id=Fu5WpZ%2Fw75H0fZYZdYrvRvx%2FMck5mZoPU6t8Df5HCg2E7nxqEbZDSfHDfstxLdV2j65JjcPALLeX0ouAk30VxlLsx2oK5LieEe98VlbtVj7DoEt%2F0LWxsL4nH3qzCifudbnRrzBhKp%2BoyaO9RPrJ9joUC56uAh6%2FxCwgVnt8igf7eI%2BybenhPFD9UKPvf3M%2Bytd0sCrK%2FR1644706HXPjX%2F7MnWxUxJ50%2FEuQMMaihvHOgznDsJZY4vq%2BjLDJpqi%2Fw2usD1WWIT%2FL0KzWJdaayEibJ%2BBhrIs89ev38YUZuacX0z8E%2B%2FfNy6%2FIwTYp8mUmqClSq7zx9r2aTpMk09aOQ%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Fwww.ntd.com%2F&tk_flint=pbjs_lite_v3.5.0&x_source.tid=7ed07d89-adea-4415-a10d-8b5960e53dd9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8449564474670692 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software RAS 2.4 / Resource Hash ad5e5d7cca451be73988a548154f1db8842e756547fee8b3c494efc2c80abf8d Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:22 GMT Server RAS 2.4 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection Keep-Alive Content-Type application/json Keep-Alive timeout=5, max=123 Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	imp Show response g2.gumgum.com/hbid/	469 B 748 B	109ms 59ms	XHR application/json	54.154.22.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g2.gumgum.com/hbid/imp?si=32030&pi=3&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.ntd.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.ntd.com&ns=10240&dt=Fu5WpZ%2Fw75H0fZYZdYrvRvx%2FMck5mZoPU6t8Df5HCg2E7nxqEbZDSfHDfstxLdV2j65JjcPALLeX0ouAk30VxlLsx2oK5LieEe98VlbtVj7DoEt%2F0LWxsL4nH3qzCifudbnRrzBhKp%2BoyaO9RPrJ9joUC56uAh6%2FxCwgVnt8igf7eI%2BybenhPFD9UKPvf3M%2Bytd0sCrK%2FR1644706HXPjX%2F7MnWxUxJ50%2FEuQMMaihvHOgznDsJZY4vq%2BjLDJpqi%2Fw2usD1WWIT%2FL0KzWJdaayEibJ%2BBhrIs89ev38YUZuacX0z8E%2B%2FfNy6%2FIwTYp8mUmqClSq7zx9r2aTpMk09aOQ%3D%3D& Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.22.70 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-22-70.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 1a31d010ad88b9af981319dd828a3addc2f79e640942833e399726630e4f30ab Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip content-type application/json;charset=UTF-8 server nginx status 200 p3p CP="This is not a P3P policy" access-control-allow-origin https://www.ntd.com cache-control private, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires 0
POST H2	200	bid-request Show response a.teads.tv/hb/	16 B 295 B	81ms 77ms	XHR application/json	2.18.232.7 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-7.deploy.static.akamaitechnologies.com Software / Resource Hash 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 May 2020 09:43:22 GMT content-encoding gzip status 200 vary Accept-Encoding content-type application/json access-control-allow-origin https://www.ntd.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Mon, 11 May 2020 09:43:22 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	111ms 85ms	XHR application/json	185.33.220.242 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 227387554d72265e57c9cfdc2033a3b9994ba0526d01a17becc2639edf5882a0 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:24 GMT X-Proxy-Origin 185.220.70.68; 185.220.70.68; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80 AN-X-Request-Uuid f75e2e7b-9aef-440f-8c04-993a14becf95 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.ntd.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	v1 Show response dmx.districtm.io/b/	0 422 B	35ms 18ms	XHR text/plain	104.16.190.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmx.districtm.io/b/v1 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Mon, 11 May 2020 09:43:22 GMT server cloudflare status 204 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://www.ntd.com access-control-allow-credentials true cf-ray 591af48f5858fa7c-AMS access-control-allow-headers Content-Type, Origin cf-request-id 02a4b72d960000fa7c43a61200000001
GET H2	200	ADTECH;apid=1Adae8c928-936b-11ea-b319-120d915f11b6;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749 Show response adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ Redirect Chain https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749; https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749 https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adae8c928-936b-11ea-b319-120d915f11b6;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=15...	944 B 1 KB	149ms 148ms	XHR application/json	2606:2800:233:97b6:26be:138a:cba8:bb01 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adae8c928-936b-11ea-b319-120d915f11b6;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749 Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Adtech Adserver / Resource Hash 8e3eb8fa82c1c6bf1bfe3877a46ec68cec1eb7fbbb3743771494066d0cf42448 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 11 May 2020 09:43:23 GMT server Adtech Adserver status 200 access-control-allow-methods POST,GET,HEAD,OPTIONS p3p CP="NOI DSP DEVa OUR BUS UNI COM NAV INT" access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache access-control-allow-credentials true x-adtech-meta {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select002c.us-east-1.prod.adtech.aolcloud.net", "UserId": "FAFC4BE1DB7839EFBDE9F3C9FD526822"}} content-type application/json content-length 944 expires Mon, 15 Jun 1998 00:00:00 GMT Redirect headers pragma no-cache date Mon, 11 May 2020 09:43:23 GMT server nginx status 302 location https://adserver-us.adtech.advertising.com/pubapi/3.0/10564.1/4514956/0/0/ADTECH;apid=1Adae8c928-936b-11ea-b319-120d915f11b6;cfp=1;rndc=1589190202;v=2;cmd=bid;cors=yes;alias=46b9a777865ca7b;misc=1589190202749 access-control-allow-methods POST,GET,HEAD,OPTIONS p3p CP="NOI DSP DEVa OUR BUS UNI COM NAV INT" access-control-allow-origin https://www.ntd.com cache-control no-store, no-cache access-control-allow-credentials true content-length 0 expires Mon, 15 Jun 1998 00:00:00 GMT
GET H/1.1	200 OK	cygnus Show response as-sec.casalemedia.com/	25 B 985 B	94ms 80ms	XHR application/json	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=360713&v=7.2&r=%7B%22id%22%3A%224410bc6bc22bd94%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2245a2c609fcc0996%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360713%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ntd.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1& Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8127bcc2d12d5161c48063ba6ef397069c77eb22ae3718376a4f6820532c8dc9 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 11 May 2020 09:43:22 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Access-Control-Allow-Origin https://www.ntd.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 45 Expires Mon, 11 May 2020 09:43:22 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	410 B 728 B	45ms 44ms	XHR text/plain	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3422205051272857&correlator=3263374732733725&output=ldjh&impl=fifs&adsid=NT&eid=21065920&vrg=2020043001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200511&iu_parts=37445998%2Cntd.tv_250x150&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x150&eri=1&cust_params=site%3Dwww.ntd.com%252Cntd.com&cookie_enabled=1&bc=31&abxe=1&lmt=1589190202&dt=1589190202764&dlt=1589190200102&idt=2608&frm=20&biw=1585&bih=1200&oid=3&adxs=223&adys=1329&adks=808059460&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2F&dssz=33&icsg=2251799864181756&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=270x2425&msz=270x150&ga_vid=1571154102.1589190202&ga_sid=1589190203&ga_hid=89527075&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash 6892b5e541cbe973eef282f36724abef7e7ba26ce730431b0da356892a83af90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 221 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	5ms 5ms	Other text/html	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H/1.1	200 OK	Cookie set iu3 aax-eu.amazon-adsystem.com/s/ Frame B823 Redirect Chain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t	0 0	192ms 191ms	Document text/html	52.94.216.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash Request headers Host aax-eu.amazon-adsystem.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ntd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie ad-id=AzuTP6dq8k0oq1IQRVS0D9Y|t Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers Server Server Date Mon, 11 May 2020 09:43:23 GMT Content-Type text/html;charset=ISO-8859-1 Content-Length 198 Connection keep-alive Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Set-Cookie ad-id=AzuTP6dq8k0oq1IQRVS0D9Y; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 09:43:22 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 09:43:23 GMT; Path=/; Secure; HttpOnly; SameSite=None Vary Accept-Encoding,User-Agent Content-Encoding gzip Redirect headers Server Server Date Mon, 11 May 2020 09:43:22 GMT Content-Length 0 Connection keep-alive Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_oath_snb_r1u_dm_cnv&dcc=t Set-Cookie ad-id=AzuTP6dq8k0oq1IQRVS0D9Y|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 09:43:22 GMT; Path=/; Secure; HttpOnly; SameSite=None Vary User-Agent
GET H2	200	rtbsmpubs.php Show response hbx.media.net/	4 KB 990 B	208ms 208ms	Script text/javascript	23.202.52.26 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hbx.media.net/rtbsmpubs.php?&gdpr=1&gdprconsent=1&usp_enf=1&usp_status=0&cid=8CUBNN02K&region=nv&ptrid=8PRL4E7N3&requestString=445443433*97%7C300x250%7C8CUBNN02K%7C445443433_8CUBNN02K%40445443433*126%7C300x250%7C8CUBNN02K%7C_200182%40445443433*159%7C300x250%7C8CUBNN02K%7C445443433_8CUBNN02K%40445443433*175%7C300x250%7C8CUBNN02K%7C445443433_8CUBNN02K%40445443433*178%7C300x250%7C8CUBNN02K%7C445443433_8CUBNN02K%40445443433*214%7C300x250%7C8CUBNN02K%7C445443433_8CUBNN02K%40445443433*222%7C300x250%7C8CUBNN02K%7C445443433_8CUBNN02K&crid=445443433&sd=1&requrl=https%3A%2F%2Fwww.ntd.com%2F&bl=1&rt=5&dn=https://www.ntd.com&https=1&act=headerBid&prvReqId=229864769538914161589190203412&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.5846422127571396&ndec=1&scrsize=1600x1200&taginfo=%7B%22445443433%22%3A%7B%22xps%22%3A1362%2C%22yps%22%3A5233%7D%7D&pageinfo=%7B%22vw%22%3A1585%2C%22vh%22%3A1200%2C%22ph%22%3A14069%7D&itype=HB&cc=DE&rc=HE&ct=FRANKFURT&prid=8PRVCXX19&ssa=1&callback=window.advBidxc.rtbsheaderBid3S0 Requested by Host: hbx.media.net URL: https://hbx.media.net/bidexchange.js?cid=8CUBNN02K&version=5.1&dn=www.ntd.com&https=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.202.52.26 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-202-52-26.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 46dbde14c0b1472a1c4489ae6c41f2d2ec780f46dd8da039419af9d8cfee3e85 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 content-encoding gzip server Apache date Mon, 11 May 2020 09:43:23 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control max-age=0, no-cache, no-store timing-allow-origin * content-length 771 x-mnet-hl2 E expires Mon, 11 May 2020 09:43:23 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	5 KB 2 KB	286ms 286ms	XHR text/plain	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3422205051272857&correlator=3263374732733725&output=ldjh&impl=fifs&adsid=NT&eid=21065920%2C21064502&vrg=2020043001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200511&iu_parts=5965368%2Cntd.tv_336x280-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=first_article%3Dfalse%26amznbid%3D2%26amznp%3D2%26mnetDNB%3D1%26mnetPageID%3D10%26mnetCV%3D3%26mnetCC%3DDE%26mnetUGD%3D4&eri=1&cust_params=site%3Dwww.ntd.com%252Cntd.com&cookie=ID%3D47b12166c3a6c076%3AT%3D1589190202%3AS%3DALNI_MbLGJnoLWnyzCiBh-Rcbj_0DJZHdw&cookie_enabled=1&bc=31&abxe=1&lmt=1589190203&dt=1589190203725&dlt=1589190200102&idt=2608&frm=20&biw=1585&bih=1200&oid=3&adxs=1063&adys=5233&adks=127328227&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ntd.com%2F&dssz=34&icsg=2251799864181756&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x1196&msz=300x294&ga_vid=1571154102.1589190202&ga_sid=1589190203&ga_hid=89527075&fws=0&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash 621111ff1932514122b298eaf1e9e500f412c8c3b9c0497c8dc9029117e4a666 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:24 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2363 x-xss-protection 0 google-lineitem-id 5365986460 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138311043441 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.ntd.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	ping.gif prd.jwpltx.com/v1/clienta/	0 63 B	100ms 99ms	Image text/plain	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://prd.jwpltx.com/v1/clienta/ping.gif?h=1698963962&e=abq&n=9913949597166638&abc=0&aid=8Z4U0lMOEeSfryIACy4B0g&ask=00000000&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=yfnia26us2iu&i=0&lid=db9re2bnfofq&lsa=set&mt=0&pbd=1&pbr=1&pgi=8hfomt183c10&ph=0&pii=0&pl=423&plc=1&pli=1wed4br18s4s&pp=hlsjs&prc=1&ps=4&pss=0&pt=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&pu=https%3A%2F%2Fwww.ntd.com%2F&pv=8.5.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Youmaker%20video&tv=3.13.0&vb=0&vi=0&vl=90&wd=752&ab=1&abid=wxzso9e66q00&abo=pre&apid=nilc1mopje00&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&asxi=232511&vpb=%7B%22spotx.id%22%3A232511%7D&sa=1589190203729 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:23 GMT via 1.1 varnish server nginx x-cache MISS status 204 x-cache-hits 0 accept-ranges bytes x-served-by cache-hhn4082-HHN
GET H2	204	ping.gif prd.jwpltx.com/v1/clienta/	0 26 B	103ms 102ms	Image text/plain	2a04:4e42:1b::626 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://prd.jwpltx.com/v1/clienta/ping.gif?h=1595607543&e=abr&n=8871753773102700&abc=0&aid=8Z4U0lMOEeSfryIACy4B0g&ask=00000000&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=yfnia26us2iu&gfb=0&gifr=0&gios=0&i=0&lid=db9re2bnfofq&lsa=set&mt=0&pbd=1&pbr=1&pgi=8hfomt183c10&ph=0&pii=0&pl=423&plc=1&pli=1wed4br18s4s&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=NTD%20News%20-%20Breaking%20News%2C%20Latest%20News%20and%20Videos&pu=https%3A%2F%2Fwww.ntd.com%2F&pv=8.5.5&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Youmaker%20video&tv=3.13.0&vb=0&vi=0&vl=90&wd=752&ab=1&abid=wxzso9e66q00&abo=pre&apid=nilc1mopje00&awi=1&awc=1&p=-1&pc=0&pi=0&pr=0&aml=0&asxb=0&asxi=232511&asxt=1016&vpb=%7B%22spotx.id%22%3A232511%2C%22spotx.result%22%3A0%2C%22spotx.timeForBidResponse%22%3A1016%7D&sa=1589190203729 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::626 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:23 GMT via 1.1 varnish server nginx x-cache MISS status 204 x-cache-hits 0 accept-ranges bytes x-served-by cache-hhn4082-HHN
GET H2	200	log hblg.media.net/	35 B 194 B	24ms 18ms	Image image/gif	23.202.52.26 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hblg.media.net/log?logid=aplog&pid=8PRL4E7N3&itype=HB&dn=ntd.com&cid=8CUBNN02K&svr=2020050713_798&servname=c8-web-25&gdpr=1&csex=2&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&usp_status=0&usp_enf=1&usp_string=&ufca=&usp_ldf=&ugd=4&adt=desktop&vid=00001589190203721031182208007696&vsid=&sd=1&gtd=150&inid=0&gfd=450&cc=DE&sc=HE&ct=FRANKFURT&abte=CONTROL&adbd=0&amp=0&version=5.1&sB=true&cors=true&disB=false&ice=0&vw=1585&vh=1200&pht=14069&cl=0&__rk=0&app=0&rtype=&vendor=Google%20Inc.&isSafari=0&pvid=0&prvAccId=&prvApiId=&exid=&pcId=0000EEA&adj0=0&adj1=0&adj2=0&adj3=0&mowxReqId=&crid=445443433&g=0&size=300x250&sec=&chnl=&prspt=headerBid&rfc=0&tref=0&fpuReq=0&bdp=0&cbdp=0&dcbdp=0&ckfl=&cs=&mnet_ckfl=&cat=&attr=&advId=&advNm=&advUrl=&dfpBd=0&nms=1&di=&dt=&epc=&ogbdp=0&s=1&snm=success&dbf=1&bdata=&cmpid=&bId=&pcrid=&ruct=0&brs=&brr=&iurl=&htps=0&ptype=20&pbidflr=0&exp=&bfs=0&seat=&nbr=&ba=1&ybnca_gbid=&ybnca_erpm=&ybnca_vbid=&yogbdp=&yErpmFlag=&smsrc=1&strg=&ybnca_bbid=&prvReqId=&dStat=&ogbid=0&acid=416463854267064541589190203411&act=headerBid&dtfdl=-1&dspltime=305&ttfd=1351&rtime=&dtc=&rtbsv2=&apid=&wsip=&ltime=&abs=&ssregion=&ssreqid=&sssvnm=&top=5211&btm=5255&lft=1362&rght=1362&ttm=0&vtm=0&sttm=0&svtm=0&mnrfc=0&mnrf=0&invw=0&patkey=&patint=&pc=&spSource=0&spIvt=0&spId=&spFst=0&spIsReq=0&spTo=0&pgcatiab=&pgcatiab2=&pgcatsprig=&gFunDl=450&ngFunDl=600&rDl=300&refVisId=&osnbr=&brf=0&iwb=0&toconsider=0&dcs=&auMxTm=600&actltime=306&acsn=1&dfpDiv=front_ads_right_300_01&dfpAdPath=&dfpPos=&sbdrid=&bbdrid=&td=%7C&lper=1&requrl=https%3A%2F%2Fwww.ntd.com%2F&kwrf=&epurl= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.202.52.26 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-202-52-26.deploy.static.akamaitechnologies.com Software Jetty(9.4.25.v20191220) / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 11 May 2020 09:43:23 GMT server Jetty(9.4.25.v20191220) status 200 content-type image/gif access-control-allow-origin * cache-control max-age=0, no-cache, no-store content-length 35 expires Mon, 11 May 2020 09:43:23 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	16ms 16ms	XHR application/json	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020043001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 049253e52d8832b43640df2846f8abb714cfef87270272969fe8c1f8c191f131 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 May 2020 09:43:23 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5568 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:23 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1582746470043195" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5456 x-xss-protection 0 expires Mon, 11 May 2020 09:43:23 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/209/ Frame 20E6	0 0	6ms 5ms	Document text/html	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/209/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 5727 date Mon, 11 May 2020 09:19:14 GMT expires Tue, 11 May 2021 09:19:14 GMT last-modified Tue, 25 Feb 2020 17:32:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1449 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 58 B	39ms 38ms	Image image/gif	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020043001&jk=3422205051272857&bg=!kpGlkYlYGNfcXte3pMMCAAAANlIAAAAJmQFzcyvg3pXYtS60xrTrOpIrIefoWKnNuOfG8o_Qkr8NHGLlOcD93w3jRNPcbf58zjDXvXxD8HNEndR8A7w8sSu94h0I-q06Tzl5CT1NcZ9Z8Xtdh1v1_33X9mbwWRVzr8Xr6QiH6dyX6i_EptLmMTjN1WZDlPLOkqhXkCecX8UeMMGo4wIUdIv9QOSwJJmnuBbvnE0Z5sUd3j_qbuX3keK3mrMLfKXdrWKMkp5Wx8GjnTyyPjtsFZT9_S-4jnBuw6bKFK6iiEy4e0Bk122shK2Is4V_94xQs7o9wFkx2UF7DuB36DEhxj5qKMmW9Qyr499jUDizat0kslXXIhmUu6CPB4Y_zkH_HPcTIbvDNNBl9HEzVGdkfS3Cf6rZrtpXRnbMjFC_MMoOFfkwTetSIW0I345WAGdbHAtGhT65ddhH3g8p6j9AMPu_R0nWYMwseVnWraOwjwduZlLaszL36XSX5AWWdJcEan72vNaxlzMSw0e7-ZE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 11 May 2020 09:43:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view securepubads.g.doubleclick.net/pcs/ Frame 1C4D	0 0	42ms 42ms	Fetch image/gif	172.217.22.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4DMAl4bP7Nee9_NhOFwRguHLa8Ilg7u_N_zQNr8bU1V4EXEMBc64j9addq9mJnGtkeTfpXiGjZ1ZKwCU1yVMoyqqsR_G8FBJdzZkBXTHTaGgRsuxC8XPXBF5GAwNw945qr7rxJ01d4tIWTN3XBwgrblxvOelEhjAEFvX0jFE_FAxN_MUawvvcox6Dn_9ytAyABaRTAWmoJsGInj7flfxzKREw_FwgMHBKw3aizj5g5QjZ3PE9uZjYkW9ICuxsq38miwaCuraJRFJ2TfpnqytmPvtERdc_ZpsMbw5Z-VKnY1qdoWs&sig=Cg0ArKJSzLPNBh9K24xDEAE&urlfix=1&adurl= Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Mon, 11 May 2020 09:43:24 GMT x-content-type-options nosniff server cafe status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private content-type image/gif alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	osd_listener.js Show response www.googletagservices.com/activeview/js/current/ Frame 1C4D	74 KB 28 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 32ab9cbc82797d05b18d1a15697b8dc8e70cba544d3134a07e50c641166da1a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:24 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1588975424504927" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28371 x-xss-protection 0 expires Mon, 11 May 2020 09:43:24 GMT
GET H2	200	2154677270665194783 tpc.googlesyndication.com/simgad/ Frame 1C4D	98 KB 98 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2154677270665194783 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b8f2256075d7a9f8a6a3445adc54de3bef8cc48c2cbbf003450ad97b17c73a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 23:05:53 GMT x-content-type-options nosniff age 297451 x-dns-prefetch-control off status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100586 x-xss-protection 0 last-modified Thu, 07 May 2020 22:51:03 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 07 May 2021 23:05:53 GMT
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:81b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:24 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1588975424504927" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27855 x-xss-protection 0 expires Mon, 11 May 2020 09:43:24 GMT
GET DATA	200 OK	truncated / Frame 1C4D	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2e5efe4ab6050d5d3545fee7e3af33ebef0144f94c5566f0892b86865d2a978a Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
POST H2	200	log Show response adstat.youmaker.com/	0 111 B	112ms 112ms	XHR text/plain	35.184.75.251 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adstat.youmaker.com/log Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.184.75.251 , United States, ASN15169 (GOOGLE, US), Reverse DNS 251.75.184.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers status 200 date Mon, 11 May 2020 09:43:24 GMT server nginx access-control-allow-origin https://www.ntd.com access-control-allow-headers Content-Type content-length 0
GET H2	200	css fonts.googleapis.com/	5 KB 762 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,700 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d32996520262a9559a26eafe3413cf1a2fe53f448da989d0493e7851f887a1b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 11 May 2020 09:43:24 GMT server ESF date Mon, 11 May 2020 09:43:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 May 2020 09:43:24 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:400,700 Origin https://www.ntd.com Response headers date Tue, 14 Apr 2020 23:26:59 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:50 GMT server sffe age 2283385 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11016 x-xss-protection 0 expires Wed, 14 Apr 2021 23:26:59 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	5ms 5ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:400,700 Origin https://www.ntd.com Response headers date Wed, 15 Apr 2020 00:22:14 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:58 GMT server sffe age 2280070 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11020 x-xss-protection 0 expires Thu, 15 Apr 2021 00:22:14 GMT
POST H2	200	log Show response adstat.youmaker.com/	0 111 B	116ms 114ms	XHR text/plain	35.184.75.251 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adstat.youmaker.com/log Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.184.75.251 , United States, ASN15169 (GOOGLE, US), Reverse DNS 251.75.184.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers status 200 date Mon, 11 May 2020 09:43:25 GMT server nginx access-control-allow-origin https://www.ntd.com access-control-allow-headers Content-Type content-length 0
GET H2	200	iframe sync.teads.tv/ Frame D15A	0 0	85ms 66ms	Document text/html	104.109.66.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0& Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.66.25 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-66-25.deploy.static.akamaitechnologies.com Software akka-http/10.1.9 / Resource Hash Request headers :method GET :authority sync.teads.tv :scheme https :path /iframe?hb_provider=prebid&hb_version=3.5.0& pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US cookie cs=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 content-type text/html; charset=UTF-8 server akka-http/10.1.9 content-length 153 expires Mon, 11 May 2020 09:43:25 GMT cache-control max-age=0, no-cache, no-store pragma no-cache date Mon, 11 May 2020 09:43:25 GMT set-cookie tt_bluekai=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame D6D0	0 0	25ms 7ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ntd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie icu=ChgI159BEAoYASABKAEwvLzk9QU4AUABSAEQvLzk9QUYAA..; uuid2=7659478490772811650 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers Connection keep-alive Content-Length 506 Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Accept-Ranges bytes Date Mon, 11 May 2020 09:43:25 GMT Age 24105690 X-Served-By cache-jfk8138-JFK, cache-fra19176-FRA X-Cache HIT, HIT X-Cache-Hits 391291, 799925 X-Timer S1589190205.390215,VS0,VE0 Vary Accept-Encoding
GET H2	204	index.html cdn.districtm.io/ids/ Frame 1C31	0 0	20ms 19ms	Document text/plain	104.16.190.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 204 date Mon, 11 May 2020 09:43:25 GMT set-cookie __cfduid=d16fcdf62858a2af9fefacfe1e1ca0ac21589190205; expires=Wed, 10-Jun-20 09:43:25 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 591af49fade7fa7c-AMS cf-request-id 02a4b737c90000fa7c43af6200000001
GET H/1.1	200 OK	usync.html eus.rubiconproject.com/ Frame 334B	0 0	29ms 10ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ntd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhLqCtjDNRTpP3Ow53wYWQO2uPRcOeY7Llho/RRR2s2jWpYWaqeROXM3r9QV20o10JuQw19gMkasvdREJwzG6pEKJWU63jQqC3MjDFVf/xlH9h; ses15=; vis15=279204^1; khaos=KA2ATCBR-5-3CVX; audit=1|hLZGFuTafB0IktM7+11AMfvNZcUr9GqchBytXTIwmVvjDwf7JfkLL1NTxdEZG0DF4HEYI5ehIrUKiVeymViM8NzpQ7vzkXQ/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Last-Modified Thu, 23 Apr 2020 20:31:59 GMT Content-Encoding gzip Content-Length 9123 Content-Type text/html; charset=UTF-8 Cache-Control max-age=18117 Expires Mon, 11 May 2020 14:45:22 GMT Date Mon, 11 May 2020 09:43:25 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	showad.js ads.pubmatic.com/AdServer/js/ Frame B56E	0 0	33ms 16ms	Document text/html	23.210.249.92 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-92.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ntd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers Last-Modified Tue, 14 Apr 2020 10:27:52 GMT ETag "13006b6-a4bb-5a33da6f1a023" Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 15243 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=19247 Expires Mon, 11 May 2020 15:04:12 GMT Date Mon, 11 May 2020 09:43:25 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	pd u.openx.net/w/1.0/ Frame 2E0C Redirect Chain https://u.openx.net/w/1.0/pd https://u.openx.net/w/1.0/pd?cc=1	0 0	45ms 45ms	Document text/html	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://u.openx.net/w/1.0/pd?cc=1 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.185.0 / Resource Hash Request headers :method GET :authority u.openx.net :scheme https :path /w/1.0/pd?cc=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US cookie i=191ea1a1-a9c0-48e4-a9e7-e85f4bbbb373|1589190205 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 vary Accept, Accept-Encoding set-cookie i=191ea1a1-a9c0-48e4-a9e7-e85f4bbbb373|1589190205; Version=1; Expires=Tue, 11-May-2021 09:43:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1589190205|mOgikimWiygu; Version=1; Expires=Tue, 26-May-2020 09:43:25 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.185.0 p3p CP="CUR ADM OUR NOR STA NID" date Mon, 11 May 2020 09:43:25 GMT content-type text/html content-length 375 content-encoding gzip via 1.1 google alt-svc clear Redirect headers status 302 set-cookie i=191ea1a1-a9c0-48e4-a9e7-e85f4bbbb373|1589190205; Version=1; Expires=Tue, 11-May-2021 09:43:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.185.0 p3p CP="CUR ADM OUR NOR STA NID" location https://u.openx.net/w/1.0/pd?cc=1 date Mon, 11 May 2020 09:43:25 GMT content-length 0 via 1.1 google alt-svc clear
GET H/1.1	200 OK	showad.js ads.pubmatic.com/AdServer/js/ Frame A855	0 0	29ms 14ms	Document text/html	23.210.249.92 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/showad.js Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-92.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash Request headers Host ads.pubmatic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ntd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers Last-Modified Tue, 14 Apr 2020 10:27:52 GMT ETag "13006b6-a4bb-5a33da6f1a023" Server Apache/2.2.15 (CentOS) Accept-Ranges bytes Content-Encoding gzip P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Content-Length 15243 Content-Type text/html; charset=UTF-8 Cache-Control public, max-age=19247 Expires Mon, 11 May 2020 15:04:12 GMT Date Mon, 11 May 2020 09:43:25 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 84A1	0 0	21ms 8ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.ntd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie icu=ChgI159BEAoYASABKAEwvLzk9QU4AUABSAEQvLzk9QUYAA..; uuid2=7659478490772811650 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers Connection keep-alive Content-Length 506 Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Accept-Ranges bytes Date Mon, 11 May 2020 09:43:25 GMT Age 24105690 X-Served-By cache-jfk8138-JFK, cache-fra19176-FRA X-Cache HIT, HIT X-Cache-Hits 391291, 799926 X-Timer S1589190205.399799,VS0,VE0 Vary Accept-Encoding
GET H2	204	index.html cdn.districtm.io/ids/ Frame 9A06	0 0	18ms 18ms	Document text/plain	104.16.190.66 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.districtm.io/ids/index.html Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority cdn.districtm.io :scheme https :path /ids/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 204 date Mon, 11 May 2020 09:43:25 GMT set-cookie __cfduid=d16fcdf62858a2af9fefacfe1e1ca0ac21589190205; expires=Wed, 10-Jun-20 09:43:25 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers Content-Type, Origin access-control-allow-methods GET, HEAD, POST, OPTIONS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 591af49fbe04fa7c-AMS cf-request-id 02a4b737d70000fa7c43af7200000001
GET H2	200	iframe sync.teads.tv/ Frame 681C	0 0	57ms 56ms	Document text/html	104.109.66.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://sync.teads.tv/iframe?hb_provider=prebid&hb_version=3.5.0& Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.66.25 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-66-25.deploy.static.akamaitechnologies.com Software akka-http/10.1.9 / Resource Hash Request headers :method GET :authority sync.teads.tv :scheme https :path /iframe?hb_provider=prebid&hb_version=3.5.0& pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US cookie cs=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 content-type text/html; charset=UTF-8 server akka-http/10.1.9 content-length 153 expires Mon, 11 May 2020 09:43:25 GMT cache-control max-age=0, no-cache, no-store pragma no-cache date Mon, 11 May 2020 09:43:25 GMT set-cookie tt_bluekai=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Tue, 12 May 2020 09:43:25 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
GET H2	200	pd u.openx.net/w/1.0/ Frame 3D23 Redirect Chain https://u.openx.net/w/1.0/pd https://u.openx.net/w/1.0/pd?cc=1	0 0	21ms 19ms	Document text/html	34.95.120.147 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://u.openx.net/w/1.0/pd?cc=1 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/m-ntd/js/ads/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.185.0 / Resource Hash Request headers :method GET :authority u.openx.net :scheme https :path /w/1.0/pd?cc=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.ntd.com/ accept-encoding gzip, deflate, br accept-language en-US cookie i=191ea1a1-a9c0-48e4-a9e7-e85f4bbbb373|1589190205; pd=v2|1589190205|mOgikimWiygu Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.ntd.com/ Response headers status 200 vary Accept, Accept-Encoding set-cookie i=191ea1a1-a9c0-48e4-a9e7-e85f4bbbb373|1589190205; Version=1; Expires=Tue, 11-May-2021 09:43:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1589190205|kimWfcgqiysLomgemOgun0gi; Version=1; Expires=Tue, 26-May-2020 09:43:25 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.185.0 p3p CP="CUR ADM OUR NOR STA NID" date Mon, 11 May 2020 09:43:25 GMT content-type text/html content-length 355 content-encoding gzip via 1.1 google alt-svc clear Redirect headers status 302 set-cookie i=4c10968c-8aaa-47c2-ad9b-bcc60bfa436c|1589190205; Version=1; Expires=Tue, 11-May-2021 09:43:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.185.0 p3p CP="CUR ADM OUR NOR STA NID" location https://u.openx.net/w/1.0/pd?cc=1 date Mon, 11 May 2020 09:43:25 GMT content-length 0 via 1.1 google alt-svc clear
GET H2	200	generic match.adsrvr.org/track/cmf/	70 B 264 B	60ms 57ms	Image image/gif	52.208.84.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.84.65 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-84-65.eu-west-1.compute.amazonaws.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Mon, 11 May 2020 09:43:25 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" status 200 cache-control private,no-cache, must-revalidate content-type image/gif content-length 70
GET H2	204	current aol-match.dotomi.com/match/bounce/	0 103 B	71ms 68ms	Image text/plain	2a02:fa8:8806:13::1430 VCLK-EU-
General Check archive.org Show headers Download Go to Show image Full URL https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Adaf0d852-936b-11ea-b0c2-1237df373440&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 204 pragma no-cache date Mon, 11 May 2020 09:43:25 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/56465/ Redirect Chain https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440 https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440&verify=true https://pr-bh.ybp.yahoo.com/sync/adtech/1Adaf0d852-936b-11ea-b0c2-1237df373440?gdpr=1&gdpr_consent= https://pixel.advertising.com/ups/56465/sync?uid=y-1R6pg3h1lxlOtKG58k6fC4cvj0PZ4LfolkXT&_origin=0&nsync=0 https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-1R6pg3h1lxlOtKG58k6fC4cvj0PZ4LfolkXT&_origin=0&nsync=0&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440	0 1 KB	118ms 118ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-1R6pg3h1lxlOtKG58k6fC4cvj0PZ4LfolkXT&_origin=0&nsync=0&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.106 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 11 May 2020 09:43:25 GMT Server ATS/7.1.2.106 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers status 302 date Mon, 11 May 2020 09:43:25 GMT location https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-1R6pg3h1lxlOtKG58k6fC4cvj0PZ4LfolkXT&_origin=0&nsync=0&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55965/ Redirect Chain https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=fwMqWnsDewdnUC4FcgNlVHoCfVpnBS1XfQAsB1qc https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=fwMqWnsDewdnUC4FcgNlVHoCfVpnBS1XfQAsB1qc&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440	0 977 B	19ms 14ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=fwMqWnsDewdnUC4FcgNlVHoCfVpnBS1XfQAsB1qc&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.106 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 11 May 2020 09:43:25 GMT Server ATS/7.1.2.106 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers status 302 date Mon, 11 May 2020 09:43:25 GMT location https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=fwMqWnsDewdnUC4FcgNlVHoCfVpnBS1XfQAsB1qc&apid=1Adaf0d852-936b-11ea-b0c2-1237df373440 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	current aol-match.dotomi.com/match/bounce/	0 103 B	17ms 14ms	Image text/plain	2a02:fa8:8806:13::1430 VCLK-EU-
General Check archive.org Show headers Download Go to Show image Full URL https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Adae8c928-936b-11ea-b319-120d915f11b6&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 204 pragma no-cache date Mon, 11 May 2020 09:43:25 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET		widget.php ai.epoch.cloud/widget-loaders/	0 0
GET H2	200	push_notif_ntd.js Show response services.epoch.cloud//public-labs/src/push_notifications/	6 KB 2 KB	59ms 20ms	Script application/javascript	2606:4700:3037::681b:a457 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.epoch.cloud//public-labs/src/push_notifications/push_notif_ntd.js Requested by Host: www.ntd.com URL: https://www.ntd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681b:a457 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a5826ae1cc0aa2f2bb52be7aa45e62bfffbc94044e2a31ed759d088238c9209 Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:26 GMT content-encoding br cf-cache-status HIT last-modified Wed, 19 Feb 2020 19:08:58 GMT server cloudflare age 7040 etag W/"5e4d87ca-189e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 cache-control max-age=14400 cf-ray 591af4a8598d9814-FRA cf-request-id 02a4b73d3700009814cb915200000001
GET H/1.1	200 OK	cbb358742efbe80005a15256de11d533.js Show response clientcdn.pushengage.com/core/	69 KB 17 KB	344ms 301ms	Script application/javascript	52.222.182.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clientcdn.pushengage.com/core/cbb358742efbe80005a15256de11d533.js?_=1589190202100 Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.182.58 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-182-58.ham50.r.cloudfront.net Software nginx / Resource Hash 7fb9007457f447d05c62728ef3b54fbf44a4b034b24fff4306eda8a07661bdab Request headers Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 11 May 2020 09:43:27 GMT Content-Encoding gzip Server nginx X-Amz-Cf-Pop HAM50-C1 Vary Accept-Encoding X-Cache Miss from cloudfront Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, s-maxage=120 Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id AeVkXZt1Hc3tuseH1S2DZrx7ksJfHYGUKVcues5546Fbh_rLCXBJuQ== Via 1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
GET H2	200	test Show response www.youmaker.com/g/	7 B 192 B	46ms 17ms	XHR text/plain	35.201.68.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youmaker.com/g/test Requested by Host: www.ntd.com URL: https://www.ntd.com/assets/themes/ntd/js/jquery-all.min.js?ver=20170224 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.68.206 , Ascension Island, ASN15169 (GOOGLE, US), Reverse DNS 206.68.201.35.bc.googleusercontent.com Software nginx/1.16.1 / Resource Hash c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Request headers Accept */* Referer https://www.ntd.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 11 May 2020 09:43:30 GMT via 1.1 google server nginx/1.16.1 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept status 200 allow GET, POST content-type text/plain; charset=utf-8 access-control-allow-origin * alt-svc clear content-length 7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ai.epoch.cloud

URL

https://ai.epoch.cloud/widget-loaders/widget.php?site=ntdnewsdesktop