www.cutimes.com Open in urlscan Pro
104.111.216.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.cutimes.com/
Effective URL:
https://www.cutimes.com/?slreturn=20200408150205
Submission: On May 08 via manual (May 8th 2020, 7:02:28 pm UTC) from US

Summary HTTP 263 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 33 domains to perform 263 HTTP transactions. The main IP is 104.111.216.176, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.cutimes.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 6th 2020. Valid for: 3 months.

This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 53	104.111.216.176 104.111.216.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	204.14.32.196 204.14.32.196	7124 (-Reserved...) (-Reserved AS-)
4	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
66	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.47.141.198 169.47.141.198	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
10	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST)
1	52.212.177.60 52.212.177.60	16509 (AMAZON-02) (AMAZON-02)
1 4	52.35.37.246 52.35.37.246	16509 (AMAZON-02) (AMAZON-02)
1	52.222.182.102 52.222.182.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
9	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	204.14.32.159 204.14.32.159	7124 (-Reserved...) (-Reserved AS-)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.102.246 143.204.102.246	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.147 91.228.74.147	27281 (QUANTCAST) (QUANTCAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.196.114.149 18.196.114.149	16509 (AMAZON-02) (AMAZON-02)
1 6	52.16.75.38 52.16.75.38	16509 (AMAZON-02) (AMAZON-02)
3 33	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	3.123.209.152 3.123.209.152	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:285::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 9	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.0.233.94 52.0.233.94	14618 (AMAZON-AES) (AMAZON-AES)
1	18.211.103.48 18.211.103.48	14618 (AMAZON-AES) (AMAZON-AES)
2	18.196.158.226 18.196.158.226	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:2200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.228.74.169 91.228.74.169	27281 (QUANTCAST) (QUANTCAST)
2 3	35.241.8.149 35.241.8.149	15169 (GOOGLE) (GOOGLE)
2 2	54.77.250.219 54.77.250.219	16509 (AMAZON-02) (AMAZON-02)
2 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	52.37.206.171 52.37.206.171	16509 (AMAZON-02) (AMAZON-02)
2	35.181.91.36 35.181.91.36	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
5	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
5	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
263	42

53 104.111.216.176 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-176.deploy.static.akamaitechnologies.com

www.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.14.32.196 (Protaras, Cyprus) 2 redirects

ASN7124 (-Reserved AS-, ZZ)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.110.153 (United States)

ASN54113 (FASTLY, US)

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 72.247.226.64 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.47.141.198 (Ashburn, United States)

ASN36351 (SOFTLAYER, US)
PTR: c6.8d.2fa9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 152.199.23.241 (United States)

ASN15133 (EDGECAST, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.177.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-177-60.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.35.37.246 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-37-246.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.182.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-102.ham50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.14.32.159 (Protaras, Cyprus)

ASN7124 (-Reserved AS-, ZZ)

geoip.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.102.246 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-102-246.fra50.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.147 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.114.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-114-149.eu-central-1.compute.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.16.75.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 172.217.22.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.209.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-209-152.eu-central-1.compute.amazonaws.com

datacloud.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:285::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.38 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.0.233.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-233-94.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.103.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-103-48.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.158.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-158-226.eu-central-1.compute.amazonaws.com

visitor-service-eu-central-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.169 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.8.149 (Ascension Island) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 149.8.241.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.250.219 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-250-219.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.37.206.171 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-206-171.us-west-2.compute.amazonaws.com

alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.91.36 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	moatads.com z.moatads.com mb.moatads.com px.moatads.com	1000 KB
52	cutimes.com 3 redirects www.cutimes.com store.cutimes.com images.cutimes.com	690 KB
33	doubleclick.net 3 redirects cm.g.doubleclick.net securepubads.g.doubleclick.net	136 KB
23	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	529 KB
14	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com	8 KB
11	googletagservices.com www.googletagservices.com	292 KB
10	typekit.net use.typekit.net p.typekit.net	227 KB
10	tiqcdn.com tags.tiqcdn.com	81 KB
6	google.com adservice.google.com www.google.com	171 B
6	ml314.com 1 redirects ml314.com	15 KB
6	law.com 1 redirects store.law.com images.law.com b.law.com	18 KB
5	demdex.net 1 redirects dpm.demdex.net alm.demdex.net	4 KB
4	tealiumiq.com collect.tealiumiq.com datacloud.tealiumiq.com visitor-service-eu-central-1.tealiumiq.com	4 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	50 KB
4	github.io owlcarousel2.github.io	4 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	886 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	gstatic.com fonts.gstatic.com	27 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	999 B
2	adsrvr.org 2 redirects match.adsrvr.org	927 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	eyeota.net ps.eyeota.net	344 B
1	dianomi.com www.dianomi.com
1	quantcount.com rules.quantcount.com	1 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	google.de adservice.google.de	171 B
1	licdn.com snap.licdn.com	2 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	alm.com geoip.alm.com	447 B
1	simpli.fi tag.simpli.fi
1	cloudflare.com cdnjs.cloudflare.com	17 KB
263	33

	Domain	Requested by
55	px.moatads.com	www.cutimes.com
31	www.cutimes.com	2 redirects www.cutimes.com
30	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.cutimes.com
20	images.cutimes.com	www.cutimes.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.cutimes.com tpc.googlesyndication.com
11	www.googletagservices.com	tags.tiqcdn.com securepubads.g.doubleclick.net
11	z.moatads.com	www.cutimes.com securepubads.g.doubleclick.net
10	tags.tiqcdn.com	www.cutimes.com tags.tiqcdn.com
9	ib.adnxs.com	3 redirects www.cutimes.com
9	use.typekit.net	www.cutimes.com use.typekit.net
6	ml314.com	1 redirects tags.tiqcdn.com ml314.com www.cutimes.com
5	acdn.adnxs.com	www.cutimes.com
5	pagead2.googlesyndication.com	www.cutimes.com securepubads.g.doubleclick.net
5	www.google.com	securepubads.g.doubleclick.net
4	dpm.demdex.net	1 redirects www.cutimes.com
4	owlcarousel2.github.io	www.cutimes.com
3	idsync.rlcdn.com	2 redirects www.cutimes.com
3	a.dpmsrv.com	www.cutimes.com s.dpmsrv.com
3	cm.g.doubleclick.net	3 redirects
3	fonts.gstatic.com	ajax.googleapis.com
2	b.law.com	tags.tiqcdn.com www.cutimes.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	images.law.com	www.cutimes.com
2	visitor-service-eu-central-1.tealiumiq.com	tags.tiqcdn.com
2	px.ads.linkedin.com	1 redirects www.cutimes.com
2	fonts.googleapis.com	www.cutimes.com ajax.googleapis.com
2	store.law.com	1 redirects www.cutimes.com
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	ps.eyeota.net	www.cutimes.com
1	pixel.quantserve.com	www.cutimes.com
1	www.dianomi.com	www.cutimes.com
1	rules.quantcount.com	secure.quantserve.com
1	ping.chartbeat.net	www.cutimes.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.linkedin.com	1 redirects
1	p.typekit.net	www.cutimes.com
1	datacloud.tealiumiq.com	www.cutimes.com
1	collect.tealiumiq.com	tags.tiqcdn.com
1	snap.licdn.com	tags.tiqcdn.com
1	secure.quantserve.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	geoip.alm.com	www.cutimes.com
1	s.dpmsrv.com	www.cutimes.com
1	mb.moatads.com	z.moatads.com
1	tag.simpli.fi	www.cutimes.com
1	cdnjs.cloudflare.com	www.cutimes.com
1	ajax.googleapis.com	www.cutimes.com
1	store.cutimes.com	1 redirects
263	51

This site contains links to these domains. Also see Links.

Domain
www.alm.com
www.facebook.com
twitter.com
www.linkedin.com
store.law.com
cutimes.tradepub.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
www.law.com Let's Encrypt Authority X3	`2020-04-06` - `2020-07-05`	3 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
store.law.com Go Daddy Secure Certificate Authority - G2	`2018-09-05` - `2020-09-05`	2 years	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-17` - `2022-06-17`	2 years	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.dpmsrv.com Amazon	`2019-05-14` - `2020-06-14`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.alm.com Trusted Secure Certificate Authority 5	`2018-01-08` - `2021-01-07`	3 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2020-04-04` - `2021-04-04`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.tealiumiq.com Amazon	`2019-11-21` - `2020-12-21`	a year	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
dianomi.com CloudFlare Inc ECC CA-2	`2020-01-09` - `2020-10-09`	9 months	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-04-10` - `2020-07-09`	3 months	crt.sh
b.law.com DigiCert SHA2 High Assurance Server CA	`2019-06-01` - `2020-09-03`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.cutimes.com/?slreturn=20200408150205
Frame ID: 3E2A8A59AAE04B8B4CC71F3C64A586D7
Requests: 206 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuuQ4t2ONu-gbwHL4zTOuljJHwbizgAi6MTGFTCSiARfUQgnu4nFH913yXGlhKrIKFbxdM4A7xv4jQE8ffsvTWlH0Ob1w8ZJ2jJUvZssq1tL2ElLKATlYZ2fFvPn1LF2g1pzfPj-72UYRnQEpivECR3lplwOXdc5-1FfxHEfQIhHs_4ON4aWKkoFJ2YpSz7AdrydC67TJYklVoWZRkVACuphUwSSa_bXRAsoHDZmowWqoQDH6wzWShpNSFSjsL2rmK4h4B9b9T3KEjpg&sig=Cg0ArKJSzP0W_6Hflk8jEAE&urlfix=1&adurl=
Frame ID: C94C7DEC0966F4D4201B25560C68CC49
Requests: 3 HTTP requests in this frame

Frame: https://z.moatads.com/almdfp680616975594/moatad.js
Frame ID: 3D979B7EFFC3AC6B6B951FFA515908F2
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL9UQchrFieG5r8Wh0HjknYnpoL7B1VDFeQYXYvC80ukYrZpBsrtb2t27Dfa8xtMwebrAFgMVp82WNOlb_O1RLgnHKqyWX9bFWlRi8P25qH1OLMDVfE6iPQRgI4j3VH93bnVYbHgeX-CadpTCZ3vWW5LR3L9hSFOx9M95mtqhtlTwjU7O3xGqPfNFXKpGeTlZi1eh5q1kXAo1cwp3EY_iebsazQp-6Oyiw7vTXfxEHBBO2TsEdgiW2YnlkxhpPBFFnx8xAB6Znajw0cw&sig=Cg0ArKJSzMXACU_fzWNpEAE&urlfix=1&adurl=
Frame ID: 8035C6C63870903F844F241E91B31404
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200408150205
Frame ID: 27BD03C1D5C31B2C941618B8DF456676
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 637AD6DA04703FF32DF78D8FDF9E72E5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMwixX2Bs3o7QCpMtMgPBLZ9bC0_rMxsdEdG9RRLOnSf0NFr-QuHY6V-S06vGp19y0Z8jbcGFcG7nzE4Bwjf5Vk_TN5Jg2ynxw1v2KXnmzai5OuLr3RO0jfqhGyD9i_uRtWlUny1BX6MJWkq5MzXsgA9xp8UF0S6KqR_AQMh_XfzBUXS_MLlSm1LKprJUeaHJ9h6r6IoGfM68g3cOdNKtd5vJkcmTQS4YLSjeoGsuCYrKBAsT8DYbPfDc4vW8jSMfEPqEhNOlqykE9LkFnHw&sig=Cg0ArKJSzMT916_84VyFEAE&urlfix=1&adurl=
Frame ID: 3C78973C2C73BD56E80E6C452CD91F1C
Requests: 6 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: 86829CEB7F584C4ADB1E2177CF921321
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuELrn7eBjiYV8QU6C68YvHSvL3hkcPIIycxNbup6ejbaHHMkKYwshHAGYH1ePriTEdSTIYxlDSr8skfuYu8Y6z2W5uJwxBPoslTgzpdpVd3rAqJzDCLreusYEWdcV6FiAuiyp-9qEod64FXpSTd1Cc5a4EQTspjTfRsnmvRMYjnX443Qvb4fsBWko4vNo1DYbUSJRFoYz4pxUwaoJX2aKmSpiPDxI2_N1_YykyrLzuFl3dTq3bE-PMtfb6ZxZ5hh6e78YTbVCwxw&sig=Cg0ArKJSzFT1lwyqbiy0EAE&adurl=
Frame ID: 2905292CDDAE6F8B000BF75475B00017
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0kHAuc6x_1x5OsRNVXj8mh3RtNqDLAGHb9un8FhjsK0wBCATdMAORZmpo5KIbrtqu63YWBj9mDN2a6nxt_zzhBYbgZO75SMVtbVmpP1nH2fDcQfoJ5DQ1e1ZH_06ffFIRSuhgM6VqSSxnIw29E2Z4PDhzc5E6S_Pb3-WPeL0z6P013BKeXLc60-SKJkTEdzqX1809MTUdMSJ6zMfX2tIPYx76DkQF9UK3qGgTWyNNcydkc_9NjZj2yZebwia60euFvoS2RQbetg&sig=Cg0ArKJSzPOjg89C7m4eEAE&adurl=
Frame ID: C3CA44796B93031EAFEAAC996DF7990B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9Uon8O4ukCNmEmk0WHqzQIab44xspVYHA61fRy7z6Xv56yIwp7bg7Si2SIzpoqLrUdQH9ohT1ifLrUpSEtSzEAG2XVfqqXRkBW4I1CN9mxYfuVh3SFgdqkkLRc1sxIQxijkQx8fubvFSdAbAv_I-TqZpXeV9FpqUFy-9IDLXbIDoG_iRcAjAWyeHm3sgG9ZlBhhaWBHwD5LFMevsbQZSrriHofMGvUNPbPExttFaEGV4jJ7bE5poGBO_qBx3_Te1Xz-15GW8juMGA_w&sig=Cg0ArKJSzGJqhDRLtClqEAE&adurl=
Frame ID: 68B590776E9FB504C59E033E8507F77D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_5mKLCLrRKM_B9vvSAD-hTJVkjLHyNSTpb8aj3szBxmKk9llOLViXMHOOUnTQOYeynpLXsupsmxTKRBLIa7z5yKN9hic4F1OlCRrUZj4ghMuC6z77rhKO66bvSKqnrRQhAnA1AmW3Hc-xMRbo8YgbKY7DE4XpoaheBvDOQnPq_vpgfvnmk2oyyePzB6xwCJe4B2aF6RcKK9Fsb2VMCvekdmxiWtDYuNW9DTEZeq-mHCMpQAPG9S5P6BIZdJwVbfLYTwdzZnjOvw&sig=Cg0ArKJSzA53Cu01_IFeEAE&adurl=
Frame ID: 10E638F1687FAE152AEA0548F4D6905B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGmZhxdQcoYWU6WNllGGkqcuq5oL5QTYiKogYfVZnBbnV3W7R_9iYvAx127o95euIKpqYUlV_hpfWWU2oalRndmA6lEwU0FbbkGCc3nmyb-ZyGWRtnW741dHUE9Isqjr0nM9LwqMBfEY-4CxEreuzRuEUFYjbWt5pxgT6qLGN2NBk12YmJ3HEveLQKXSGcwLgIBuwLEyYAQ_Ud_NTYMw47e9r5lwV75t4dkwjNL92bLOcx4RjiNrj-PTtPdzCwKq0WfA8qGnBkdQ&sig=Cg0ArKJSzCJy_Rnshba7EAE&adurl=
Frame ID: 062708CE2B3828788931381F8EC8DE5F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtVskCgfz4Kdaji-9w-TNuodxVveaLFs4fcqx5Z7kMX-YcLGaY0DUrv64BTn6_s2nd0UF-v7vw0fWZHs99AuOwj_5PVEM_yf6ZMS3eM6nd3donOsef_VVJdLAOColMz0Nv24aXW5ZbzQTtSVM87p7E_5nN4rimenROYIIiD-Nma-MK3vqRwtBF4bM69VEjkPiCTLjyVB8BW6OGJsJInAaCMCQW2_xHXFCcNakuM4OKn0DC5rxhtcSMXokMJfycxSIC2sdHQhH-kw&sig=Cg0ArKJSzLTXpTRnBEgoEAE&adurl=
Frame ID: 1736CDAEFBEEC6B88385866C7E5C7365
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 563C782933243C9E534FE99B0890A10B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7B0BA0AC379183B3EF7E750DA1562EC3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5017081B2E9AB809DFE26A7296A3B76F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 71AE1A985D5B505E28818E3079EE1A9A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 61BFAA036D9F9BF88D50C18D62CEC31E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 26D2EDA5C30B1C72EB9312B51D91425E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=46D09774-C62A-419D-AC59-9D7CF914D0D... HTTP 302
https://www.cutimes.com/?slreturn=20200408150205 Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

263
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

51
Subdomains

42
IPs

8
Countries

3129 kB
Transfer

7143 kB
Size

2
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alm.com/privacy-policy-new/#section5
Title: Click

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Credit-Union-Times/95378106084

Search URL Search Domain Scan URL

URL: https://twitter.com/CU_Times

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3821859/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Register

Search URL Search Domain Scan URL

URL: https://www.alm.com/terms-of-use-summit/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.alm.com/privacy-summit/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.alm.com/

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_bold06/prgm.cgi
Title: Take a Modern Approach to Customer Experience: Empowering Frontline Employees and Agents

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_defa281/prgm.cgi
Title: Six Steps to a Data-Driven Credit Union

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_finf14/prgm.cgi
Title: Why Open and Future-Proof Core Banking is the Key to Success

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_finf13/prgm.cgi
Title: Differentiating Through Digital Banking

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_harl08/prgm.cgi
Title: Build Loyalty Through Exceptional Change Management

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_docu97/prgm.cgi
Title: Overcoming 4 Common Digital Mortgage Barriers

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_abri03/prgm.cgi
Title: Lending Opportunities: Hemp, The Farm Bill, and Their Impact on Ag Lending

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_abri02/prgm.cgi
Title: Steps Your CU Should Take in 2020 to Get CECL-Ready

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_kauf30/prgm.cgi
Title: 2020 Outlook for Financial Institutions: Addressing Economic Uncertainty and Competitive Pressure

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_defa202/prgm.cgi
Title: Analytics as a Service: New Ways for Credit Unions to Leverage Machine Learning in Origination and Member Services

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_harl06/prgm.cgi
Title: TrendWatch 2020: Customer Experience is One Story Told in 5 Parts

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_finf12/prgm.cgi
Title: They Stopped Investing In Our CU's Core Software -- Now What Do We Do?

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_finf10/prgm.cgi
Title: Successful Business Banking Conversion

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_finf11/prgm.cgi
Title: Making Cents Out of Data: Mortgage Insights and More

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_finf09/prgm.cgi
Title: Serving Business in 2020: Expanding into C&I Lending

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_bold04/prgm.cgi
Title: Empowering Human Agents in a Digital World

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_defa131/prgm.cgi
Title: Optimizing Your Member Experience with AI

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_elaa03/prgm.cgi
Title: Gen Z: The Fast and Furiously Cashless

Search URL Search Domain Scan URL

URL: http://cutimes.tradepub.com/free/w_elaa01/prgm.cgi
Title: Should Payments M&A Activity Trigger a Review of Your Credit Card Operating Model?

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/login.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/
Title: Sign In Now

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvr0J_ODZK8UGhM3-2Hef1XOsLkB0Q-ZTCesB-SR_ebRL9UuZ7GyZxPPBhMTVAc8_2PDXvDSZ2TwSkXszoiwqpWF1ss7QrCSz2QMYW085zvrU2HrmcdDb5fvcgfW-HftzZ0egd4l_8G2-BiGH96iPZXxVe-4Gf1XVwMMSrrptzwe8-qMMzUqM0uEAQZRKXpE8wtAAgKWvg4g8WRPdBVSp3iUZJDQe3FTQodS1WQv761g_qyHNtiu7UzOTj4ZAFTejIpDqjwIA%2526sig%253DCg0ArKJSzH55O-L00-u3EAE%2526urlfix%253D1%2526adurl%253Dhttps://www.cues.org/cues-trial-membership?utm_source=Trial%20Membership&utm_medium=CUTimes&utm_campaign=TrialMembership_CUTimes_Interstitial_May2020

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205 HTTP 302
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=46D09774-C62A-419D-AC59-9D7CF914D0DC&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200408150205&debug=lawDomainIPWithRefRedirect HTTP 302
https://www.cutimes.com/?slreturn=20200408150205 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1588964527601 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1588964527601

Request Chain 64

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main HTTP 302
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main&google_tc= HTTP 302
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEL1f69_W4Md2Y-eE0bUT0lY&google_cver=1

Request Chain 74

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=435337&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&time=1588964528141 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D435337%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20200408150205%26time%3D1588964528141%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=435337&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&time=1588964528141&liSync=true

Request Chain 78

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D28416%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20200408150205&_=1588964528162 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D28416%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F%25253Fslreturn%25253D20200408150205%26_%3D1588964528162 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=8832881143639073590&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=28416&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&_=1588964528162

Request Chain 141

https://idsync.rlcdn.com/395886.gif?partner_uid=3610134258144772168 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMDEzNDI1ODE0NDc3MjE2OBAAGg0IsNnW9QUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=65c9c102373d3920a015bcf2ca88997385a4f9e95f2380a5cf075110e8782f73f4cb09cee1a4f8eb&person_id=3610134258144772168&eid=50082

Request Chain 142

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=8f3c7ef8-a65f-42c0-a3aa-70092a6ebd35 HTTP 302
https://ml314.com/csync.ashx?fp=8f3c7ef8-a65f-42c0-a3aa-70092a6ebd35&person_id=3610134258144772168&eid=53819

Request Chain 143

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610134258144772168 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610134258144772168 HTTP 302
https://ml314.com/csync.ashx?fp=abdba333502eaec3cdca11422f2122e0&eid=50146&person_id=3610134258144772168

Request Chain 148

https://cm.everesttech.net/cm/dd?d_uuid=03468803961109395814155474353507148279 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrWssQAAAXduYRTJ

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8832881143639073590&pixelIndex=0&_=1588964528163 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8832881143639073590&pixelIndex=0&_=1588964528163&google_gid=CAESEJ-hyVN8f6dg0dj8-bmQbpc&google_cver=1

Request Chain 257

https://ib.adnxs.com/seg?member=827&add=18252462,18600656 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656

263 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cutimes.com/
Redirect Chain

http://www.cutimes.com/
https://www.cutimes.com/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205
http://store.cutimes.com/Registration/Login.aspx?mode=token&token=46D09774-C62A-419D-AC59-9D7CF914D0DC&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20200408150205&debug=lawDomainIPWithRefRe...
https://www.cutimes.com/?slreturn=20200408150205

122 KB
20 KB

264ms
264ms

Document
text/html

104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

558c7daa3a79598a30ae3cbfd9ccca29694bd9c9313ee51548725e239b7997bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.cutimes.com
:scheme: https
:path: /?slreturn=20200408150205
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e08045525d5f4f58455e445a4a423660; ipAddress=5lw5ac9dCIoroGM5uQ%3d%3d; UCID=e241f4df-696b-4cb5-a0d6-5e1a644b92db
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html;charset=utf-8
content-language: en-US
server: template243
backend: templates_newlaw_director
x-vnode: 145
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cache-control: private
content-encoding: gzip
date: Fri, 08 May 2020 19:02:06 GMT
content-length: 20383
vary: Accept-Encoding
set-cookie: ssoCompliant=; Max-Age=31536000; Expires=Sat, 08-May-2021 19:02:06 GMT; Path=/ NSC_wbsojti!5_ttm_10.0.254.204=ffffffff0908e08045525d5f4f58455e445a4a423660;expires=Fri, 08-May-2020 19:07:06 GMT;path=/;secure;httponly

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.cutimes.com/?slreturn=20200408150205
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: regSID=8c448e08-6083-4abb-a9d4-9c9b299274bb; expires=Fri, 08-May-2020 20:02:06 GMT; path=/; HttpOnly ipAddress=5lw5ac9dCIoroGM5uQ%3d%3d; domain=.cutimes.com; expires=Sat, 09-May-2020 07:02:06 GMT; path=/ UCID=e241f4df-696b-4cb5-a0d6-5e1a644b92db; domain=.cutimes.com; expires=Sun, 08-May-2050 19:02:06 GMT; path=/
X-Powered-By: Server #2
Referrer-Policy: origin-when-cross-origin
Date: Fri, 08 May 2020 19:02:05 GMT
Content-Length: 18901

GET
H2 200 markets.min.css
www.cutimes.com/assets/master-template/css/release/ 306 KB
57 KB 548ms
545ms Stylesheet
text/css 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-05-08-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

7a1bc8cf49cf86b5a2be2e41b06cf866d0f6e9a20833358e2a0e7d084ef8d2c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cteonnt-length: 313287
date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template244
x-frame-options: SAMEORIGIN
etag: W/"313287-1588873024000"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: private, max-age=259200
backend: templates_newlaw_director
accept-ranges: bytes
x-vnode: 145
expires: Mon, 11 May 2020 19:02:07 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 151ms
49ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

x-fastly-request-id: 3f22b3aba842f9c7c2dddb3878afd08d506bf2be
date: Fri, 08 May 2020 19:02:06 GMT
content-encoding: gzip
age: 98
x-cache: HIT
status: 200
content-length: 1068
x-served-by: cache-hhn4044-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 703E:6649:A6D59:D2281:5EB0E2B0
x-timer: S1588964527.809554,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 05 May 2020 03:33:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 6

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
661 B 152ms
50ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

x-fastly-request-id: f7b6cae3b8dcdffbd2aa329eebea653a7bece3d7
date: Fri, 08 May 2020 19:02:06 GMT
content-encoding: gzip
age: 462
x-cache: HIT
status: 200
content-length: 479
x-served-by: cache-hhn4044-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: B7DC:09E5:3FC2A0:511A33:5E9B81EF
x-timer: S1588964527.809536,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sat, 18 Apr 2020 22:44:38 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: HIT
x-cache-hits: 8

GET
H2 200 jquery.2.1.3.min.js Show response
www.cutimes.com/assets/master-template/js/ 82 KB
29 KB 129ms
127ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:06 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template51
x-frame-options: SAMEORIGIN
etag: W/"84320-1588873024000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 29562
expires: Fri, 08 May 2020 23:02:06 GMT

GET
H2 200 yi.js Show response
z.moatads.com/almprebidheader476420012280/ 95 KB
36 KB 71ms
69ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almprebidheader476420012280/yi.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:06 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 21:09:46 GMT
server: AmazonS3
x-amz-request-id: 901E1E60D774B548
etag: "8389737683f8879d84e29825a1ca8102"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=11620
accept-ranges: bytes
content-length: 36741
x-amz-id-2: JCoojGwTgoEIoP03qwgBIAmXWNRd5XrnJAKYRyjytlir/k0Jl8kE7P5hFsdaMfaDvvg/KACT1Wg=

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 03:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2476248
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Apr 2021 03:11:18 GMT

GET
H2 200 cutimes.prebid.js Show response
www.cutimes.com/assets/master-template/js/prebid/ 165 KB
59 KB 111ms
110ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

abb263c59e57a3d1557c5b36005fd378d6bf935600d045529d867eb48912c245

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:06 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
backend: templates_newlaw_director
content-length: 59460
cteonnt-length: 168573
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"168573-1588245528000"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=120432
accept-ranges: bytes
x-vnode: 27
expires: Sun, 10 May 2020 04:29:18 GMT

GET
H2 200 lazyloadXT.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 3 KB
2 KB 58ms
58ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

386304e8dcdc06a6474321865af2cd47cea2690e7f70223a364eaeaa45f9c74c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
backend: templates_newlaw_director
content-length: 1593
cteonnt-length: 2933
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template243
etag: W/"2933-1588873024000"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=208471
accept-ranges: bytes
x-vnode: 145
expires: Mon, 11 May 2020 04:56:38 GMT

GET
H2 200 nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/ 1 KB
2 KB 60ms
60ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

a71bca31948a063281244e1e3b9494999d94e4bf2fd2cf3f0fb193b88c09785d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Fri, 24 Apr 2020 17:52:48 GMT
server: template244
etag: W/"1322-1587750768000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1322
expires: Fri, 08 May 2020 23:02:07 GMT

GET
H2 200 business-meeting-team-connected-e1584045504201.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/03/ 51 KB
51 KB 174ms
79ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/03/business-meeting-team-connected-e1584045504201.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1aeca74d2d21b251d364689ea6457590a1a6b13c6e71b8fb46a1fc22dd926c94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 21
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Thu, 12 Mar 2020 20:38:24 GMT
server: Apache
etag: "7eccd2-ca42-5a0ae559acc24"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1160689
backend: contribsreimg_prod_director
accept-ranges: bytes
content-length: 51778
expires: Fri, 22 May 2020 05:26:56 GMT

GET
H2 200 core-system-technology-e1581013011527.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/02/ 49 KB
50 KB 88ms
88ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/02/core-system-technology-e1581013011527.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

81201a3ad8d16a9aa237ebc805080098f751a52a526d8e2c61c64d0ffdce7e5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 21
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Thu, 06 Feb 2020 18:16:51 GMT
server: Apache
etag: "7cf4eb-c53e-59dec46f5d99e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1160679
backend: contribsreimg_prod_director
accept-ranges: bytes
content-length: 50494
expires: Fri, 22 May 2020 05:26:46 GMT

GET
H2 200 common.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 53 KB
14 KB 84ms
82ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/common.min.js?2020-05-08-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

3e8ee14092586919b5ca348ed176e27b988cfee653a306a0fed55ef028cd156a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template51
x-frame-options: SAMEORIGIN
etag: W/"54582-1588873024000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 13669
expires: Fri, 08 May 2020 23:02:07 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
4 KB 435ms
144ms Script
application/x-javascript 204.14.32.196
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.14.32.196 Protaras, Cyprus, ASN7124 (-Reserved AS-, ZZ),
Reverse DNS
Software: Microsoft-IIS/7.5 / Server #2
Resource Hash: 12e8f013cc970ec40a44e65bf90795ac4f89ed7ea2540c241eee3552211ecbac

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:06 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Jan 2019 18:44:45 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=605700
Accept-Ranges: bytes
Content-Length: 3516
ETag: "808c38622add41:0"

GET
H2 200 tealium.js Show response
www.cutimes.com/assets/master-template/js/ 4 KB
1 KB 90ms
88ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/tealium.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 21
date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template51
x-frame-options: SAMEORIGIN
etag: W/"4577-1588873024000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1053
expires: Fri, 08 May 2020 23:02:07 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
17 KB 31ms
31ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7901048
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 029743a2fa0000dfeb5f02c200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 28 Jan 2019 18:00:51 GMT
server: cloudflare
etag: W/"5c4f4353-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59056ee4cf70dfeb-FRA
expires: Wed, 28 Apr 2021 19:02:06 GMT

GET
H2 200 master-core-lite.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 27 KB
10 KB 98ms
96ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
vary: Accept-Encoding
ntcoent-length: 27835
status: 200
backend: templates_newlaw_director
content-length: 10348
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"27835-1588245528000"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=57640
accept-ranges: bytes
x-vnode: 21
expires: Sat, 09 May 2020 11:02:47 GMT

GET
H2 200 ad-scroll-v2.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 1 KB
826 B 106ms
104ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/ad-scroll-v2.min.js?2020-05-08-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

71589b103fe41e467a42d73570aa89f148b223837869fe205e0914f9e4cf530f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
backend: templates_newlaw_director
content-length: 531
cteonnt-length: 1457
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template244
etag: W/"1457-1588873024000"
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: private, max-age=259113
accept-ranges: bytes
x-vnode: 27
expires: Mon, 11 May 2020 19:00:40 GMT

GET
H2 200 river-load-more-pg.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 4 KB
2 KB 114ms
112ms Script
application/javascript 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/river-load-more-pg.min.js?2020-05-08-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

245d9d9f1946ab61eb6ae6ac0b4148df3083a4edbcb72b46b8d9f0e48f0b1804

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 145
date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template51
x-frame-options: SAMEORIGIN
etag: W/"4071-1588873024000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1506
expires: Fri, 08 May 2020 23:02:07 GMT

GET
H2 504 3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
tag.simpli.fi/sifitag/ 0
0 2429ms
2144ms Script
text/html 169.47.141.198
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.47.141.198 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: c6.8d.2fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 css Show response
fonts.googleapis.com/ 3 KB
1 KB 37ms
17ms Fetch
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 May 2020 19:02:07 GMT
server: ESF
date: Fri, 08 May 2020 19:02:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 May 2020 19:02:07 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 118 KB
33 KB 132ms
33ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/0529) /
Resource Hash: 6c924b1448353c68240203f6609e28a4fee6b9c782110af9d19a9fe4a19cbb77

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 22:08:35 GMT
server: ECAcc (waw/0529)
age: 289
etag: "2162143586"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 33159
expires: Fri, 08 May 2020 19:07:07 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 149ms
50ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: adfd2a085a985d243d9452fbe460ac8e3fff5bbc
date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
age: 98
x-cache: HIT
status: 200
content-length: 1068
x-served-by: cache-hhn4053-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 703E:6649:A6D59:D2281:5EB0E2B0
x-timer: S1588964527.472961,VS0,VE0
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Tue, 05 May 2020 03:33:32 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 3

GET
H2 200 nav-divot-cutimes.png
www.cutimes.com/assets/master-template/images/market-images/ 1 KB
1 KB 98ms
97ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-divot-cutimes.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

f30137e3c92cd4ff1c55a6efe2c04d55a4154134fcf81af43629b5a7c4652a5f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-05-08-15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"1086-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1086
expires: Fri, 08 May 2020 23:02:07 GMT

GET
H2 200 yi.js Show response
mb.moatads.com/ 2 KB
2 KB 335ms
150ms Script
text/html 52.212.177.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&callback=MoatNadoAllJsonpRequest_72561453
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almprebidheader476420012280/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.177.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-177-60.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: c1f61fda64b5029f6c902ea1b32d39423cb716bb9a842b13e8977de38600e0b3

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: TornadoServer/4.5.3
etag: "8f376be6e25904eb52ac7e12911ee697f47a8ae1"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 1545

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1588964527521&de=884306245847&d=ALM_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d-clean&iw=af9b55d&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=cutimes.com&bd=cutimes.com&ac=1&bq=11&f=0&na=1376141415&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:07 GMT

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
662 B 51ms
50ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 06f7ff96d12038d592a3d6ff48cdf90e4d17dfe9
date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
age: 464
x-cache: HIT
status: 200
content-length: 479
x-served-by: cache-hhn4053-HHN
access-control-allow-origin: *
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: B7DC:09E5:3FC2A0:511A33:5E9B81EF
x-timer: S1588964528.612487,VS0,VE0
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sat, 18 Apr 2020 22:44:38 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: 1
x-proxy-cache: HIT
x-cache-hits: 5

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1588964527601
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1588964527601

362 B
1 KB

239ms
239ms

XHR
application/json

52.35.37.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1588964527601

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.37.246 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-37-246.us-west-2.compute.amazonaws.com

Software

Resource Hash

ac8dfe4a1cee274583b3df67b449c4a884869361e59a05d1e0b8b4bb941049a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-usw2-v055-0ae8ef479.edge-usw2.demdex.com 5.70.0.20200507125324 20ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: +iDPnbb/RP0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 300
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.cutimes.com
X-TID: nH6avf9mQ3g=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1588964527601
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 283 KB
47 KB 269ms
62ms Script
application/x-javascript 52.222.182.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.182.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-182-102.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d787dcae4dfb46f36ba447b1b7b03c7c6c05d836841d1cf10586a1a2085c4102

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 03:54:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Apr 2020 15:30:18 GMT
Server: AmazonS3
Age: 54479
ETag: "28fb9e5eab61130d1c33005bc7b4e62b"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 10f1ccb26218c630c5c1132f93895fb2.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: HAM50-C1
Accept-Ranges: bytes
Content-Length: 48061
X-Amz-Cf-Id: hO9vZCmDJHgHPKr0aHWSBEDu7MP1QuQNK2hzSqUqfcIneGsU0h8gwQ==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
843 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 May 2020 19:02:07 GMT
server: ESF
date: Fri, 08 May 2020 19:02:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 May 2020 19:02:07 GMT

GET
H2 200 qkq4rhw.js Show response
use.typekit.net/ 20 KB
8 KB 50ms
41ms Script
text/javascript 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

87a85dd49446af6ecdfc0db0ebf7dc7f0f01313b5e65f01e8bac5573102cf0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Fri, 08 May 2020 19:02:07 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7633

GET
H/1.1 200
OK / Show response
geoip.alm.com/json/ 182 B
447 B 674ms
141ms XHR
application/json 204.14.32.159
-Reserved AS-

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.alm.com/json/
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 204.14.32.159 Protaras, Cyprus, ASN7124 (-Reserved AS-, ZZ),
Reverse DNS
Software: /
Resource Hash: bf2be7a162ab08b7af9e7c65da41489e3758cc22e1fab98ac49a0ab69dcb3597

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Fri, 08 May 2020 19:02:08 GMT
Access-Control-Allow-Credentials: true
X-Database-Date: Sun, 26 Apr 2020 06:25:44 GMT
Content-Length: 182
Vary: Origin
Content-Type: application/json

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 utag.87.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 9 KB
3 KB 37ms
34ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202003041849
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/0552) /
Resource Hash: b270aa6ce374d95c46d8d34041614f747699021ed381db4c615d7cd347a38a8c

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 21:31:16 GMT
server: ECAcc (waw/0552)
age: 162028
etag: "2260739600"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2864
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 37ms
35ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/055F) /
Resource Hash: 84d927ab3b2e3a249e857799bfde603ddc95db0a3cf66bd8baf9171b0802cb87

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Mon, 23 Mar 2020 23:02:30 GMT
server: ECAcc (waw/055F)
age: 156771
etag: "1878653163"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1504
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.78.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 108 KB
34 KB 37ms
35ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.39.202005042208
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/0575) /
Resource Hash: c4faa938416ca1bf56c11b9b2813ff288fde8e517771b16f2057b7b61972e6ac

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 22:08:35 GMT
server: ECAcc (waw/0575)
age: 334281
etag: "696561160+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 34764
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.32.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
1 KB 58ms
56ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.32.js?utv=ut4.39.201909121652
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/052D) /
Resource Hash: 9728131608f65fbd66c71d6c71fdabaeaade08aeeaf732c28f5fbccf020229f4

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 16:52:06 GMT
server: ECAcc (waw/052D)
age: 162026
etag: "525068873"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1449
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.39.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 53ms
51ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/056F) /
Resource Hash: 0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2016 19:04:41 GMT
server: ECAcc (waw/056F)
age: 152370
etag: "4092555616"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 953
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.91.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 4 KB
2 KB 53ms
52ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.39.201909091548
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/055A) /
Resource Hash: 0b19fa3503195cb6a6bd07845d20a7c468fd2206fe2e1c0cb25f45ee4ed439eb

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Wed, 24 Jul 2019 18:15:27 GMT
server: ECAcc (waw/055A)
age: 162030
etag: "1174076845"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1678
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.101.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 13 KB
4 KB 54ms
52ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/0550) /
Resource Hash: 4f2155501b26bb5f3be67bfdf8b4bbf840f03aeb9e4da9d1785e81ab6047bac0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 16:52:06 GMT
server: ECAcc (waw/0550)
age: 162038
etag: "742354489"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4340
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 56ms
55ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.39.202004071701
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/0550) /
Resource Hash: 60dcc87c0f24716469dce0f6b24a41d6f063ce531c9a3d246595e3c13e5c0df7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
last-modified: Tue, 07 Apr 2020 17:01:50 GMT
server: ECAcc (waw/0550)
age: 162025
etag: "2077630618"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 956
expires: Sat, 23 May 2020 19:02:07 GMT

GET
H2 200 all.json Show response
www.cutimes.com//paging/content/ 94 KB
17 KB 353ms
353ms XHR
application/json 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com//paging/content/all.json?id=33&limit=100&start=10

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/jquery.2.1.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

7e25c42336afb738ec8101db2778da2920f32e4d15136ebe75099e243350ed81

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20200408150205
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
vary: Accept-Encoding
server: template243
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
status: 200
cache-control: public, max-age=600
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 16875

GET
H2 200 markets.min.css Show response
www.cutimes.com/assets/master-template/css/release/ 306 KB
57 KB 86ms
86ms XHR
text/css 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets.min.css?2020-05-08-15

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/master-core-lite.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

7a1bc8cf49cf86b5a2be2e41b06cf866d0f6e9a20833358e2a0e7d084ef8d2c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
backend: templates_newlaw_director
content-length: 57640
cteonnt-length: 313287
last-modified: Thu, 07 May 2020 17:37:04 GMT
server: template244
etag: W/"313287-1588873024000"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: private, max-age=259200
accept-ranges: bytes
x-vnode: 145
expires: Mon, 11 May 2020 19:02:07 GMT

GET
H2 200 coronavirus-economics-e1588869302925.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 40 KB
40 KB 92ms
92ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/coronavirus-economics-e1588869302925.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

741110231a909d22b216fa73bcbf089bb4eada11b50a42fd0a8a87b423e29cf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 145
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Thu, 07 May 2020 16:35:02 GMT
server: Apache
etag: "81daac-9e63-5a51176650c92"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1120317
backend: contribsreimg_prod_director
accept-ranges: bytes
content-length: 40547
expires: Thu, 21 May 2020 18:14:04 GMT

GET
H2 200 military-base-e1530124707821.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/06/ 37 KB
38 KB 98ms
97ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2018/06/military-base-e1530124707821.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

76778d76506e4223dc0a1a988c7b6b2e9b7f1ca71aedb65f87dd2f5ff5a4c6eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 21
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Wed, 27 Jun 2018 18:38:27 GMT
server: Apache
etag: "ae5e31-951d-56fa3eba0df17"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1122168
backend: contribsreimg_prod_director
accept-ranges: bytes
content-length: 38173
expires: Thu, 21 May 2020 18:44:55 GMT

GET
H2 200 12_Hands_Giving_Receiving_Money_MI600.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 34 KB
34 KB 109ms
109ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/12_Hands_Giving_Receiving_Money_MI600.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3dd944c54a0ef9f73a2010f03723410178a9557981baf24cb8e548dc4381bb4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Thu, 07 May 2020 12:10:24 GMT
server: Apache
etag: "81da07-86a6-5a50dc3fb9c1e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1119013
backend: contribsreimg_prod_director
accept-ranges: bytes
content-length: 34470
expires: Thu, 21 May 2020 17:52:20 GMT

GET
H2 200 virtual-financial-literacy-program-e1588961887356.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 10 KB
11 KB 266ms
265ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/virtual-financial-literacy-program-e1588961887356.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5db9900e3eea62b8838ec26aec3b1f05721f93cb6b2c317d50da06b863827b84

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 18:22:39 GMT
server: Apache
etag: "823508-26ac-5a52715115631"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209566
backend: contribsreimg_prod_director
content-length: 9900
accept-ranges: bytes
x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:01:34 GMT

GET
H2 200 Virtual-Prom-e1588874702270.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 14 KB
15 KB 278ms
277ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/Virtual-Prom-e1588874702270.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bbf982f9ff9c87631a0962e9db639757d1050122f2a6f88a1c0c15ec8678cdda

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 18:02:48 GMT
server: Apache
etag: "826d1c-3766-5a526ce15f126"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
backend: contribsreimg_prod_director
content-length: 14182
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:02:08 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Origin: https://www.cutimes.com

Response headers

date: Fri, 10 Apr 2020 00:09:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 2487146
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Sat, 10 Apr 2021 00:09:41 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Wed, 06 May 2020 00:50:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 238310
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 06 May 2021 00:50:17 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Origin: https://www.cutimes.com

Response headers

date: Fri, 10 Apr 2020 06:12:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 2465372
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 10 Apr 2021 06:12:35 GMT

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 14ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 20ms
9ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 23ms
13ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 14ms
4ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32380

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 18ms
8ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33180

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 51ms
41ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19272

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 65ms
56ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19068

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 54ms
45ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205
Origin: https://www.cutimes.com

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 18468

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 46 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.87.js?utv=ut4.39.202003041849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203c53e92c4994351bfcb37003059ba3a9bd041580a8271e7881f03bbc061fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "510 / 865 of 1000 / last-modified: 1588867830"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15392
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:07 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 195ms
86ms Script
application/x-javascript 143.204.102.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.39.202003232302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.102.246 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-102-246.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 18:03:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 3538
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: I9-gZJj8ymTRSteiRAdT0i8bomsN7aVMKwBf-TUNIUHD4jHaDvO8ig==
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
expires: Fri, 08 May 2020 20:03:10 GMT

GET
H/1.1 200
OK aquant.js Show response
secure.quantserve.com/ 21 KB
8 KB 249ms
62ms Script
application/x-javascript 91.228.74.147
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.39.js?utv=ut4.39.201510271714

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.147 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08-May-2020 19:02:08 GMT
Server: QS
Etag: M0-004a9efe
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Strict-Transport-Security: max-age=86400
Content-Length: 8025
Expires: Fri, 15 May 2020 19:02:08 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.39.201909091548
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72693
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

POST
H/1.1 200
OK i.gif Show response
collect.tealiumiq.com/alm/main/2/ 43 B
1 KB 271ms
73ms XHR
image/gif 18.196.114.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/alm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.101.js?utv=ut4.39.201911221657
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.114.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-114-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5Cx2yjFPBVRLZAHY

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
X-ServerID: uconnect_i-0df770c9e0933f01c
X-tid: 0171f5aa8de500112f463a66ab2c00079003007100b08
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
X-acc: alm:main:2:datacloud
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
X-did: 0171f5aa8de500112f463a66ab2c00079003007100b08
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cutimes.com
Access-Control-Expose-Headers: X-Region
Cache-Control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
X-ULVer: 6156e04cd506cc6f9c815630f04d9d8409201998-SNAPSHOT
X-UUID: b5a69f99-2f18-4edb-befb-37c8ad8c733f
Expires: Fri, 08 May 2020 19:02:08 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 282ms
73ms Script
application/javascript 52.16.75.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?84
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.75.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 06:11:20 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=40152
Connection: keep-alive
Content-Length: 11932
Expires: Sat, 09 May 2020 06:11:20 GMT

GET
H/1.1

200
OK

i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain

https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main
https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main&goog...
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEL1f69_W4Md2Y-...

43 B
1 KB

249ms
59ms

Image
image/gif

3.123.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEL1f69_W4Md2Y-eE0bUT0lY&google_cver=1
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.209.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-209-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
X-ServerID: uconnect_i-0526e1e1e8460c767
X-tid: 0171f5aa8de500112f463a66ab2c00079003007100b08
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
X-acc: alm:main:2:vdata
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
X-did: 0171f5aa8de500112f463a66ab2c00079003007100b08
Vary: Origin
Content-Type: image/gif
X-ULVer: 6156e04cd506cc6f9c815630f04d9d8409201998-SNAPSHOT
Cache-Control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
X-UUID: 9bfe5e59-4d58-4d02-a973-6f1d048f3ad9
Expires: Fri, 08 May 2020 19:02:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:08 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0171f5aa8de500112f463a66ab2c00079003007100b08&tealium_account=alm&tealium_profile=main&google_gid=CAESEL1f69_W4Md2Y-eE0bUT0lY&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
125 B 32ms
32ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202005042208&cb=1588964527917
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (waw/054B) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:07 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECAcc (waw/054B)
age: 1458044
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 08 May 2020 19:12:07 GMT

GET
H2 200 nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
4 KB 94ms
92ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

dc282ca9f457e22786a89606796ba1db9f772d79ba57b1795b54e4c7a4729ed3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template243
etag: W/"3368-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 3368
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H2 200 social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 1 KB
1 KB 98ms
97ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

083018544ecfdbe6462c83d2595a7253796352ca3df1d37bbe9cf674bee82fab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"1222-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1222
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H2 200 social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 104ms
103ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

98b77b6ec808d5031798aa26307cf2a499dc9cbb8502dc9e2994e58aeb9e4e1a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"1583-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1583
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H2 200 social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 1 KB
2 KB 107ms
106ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

2197e124a3df746df8b3f4ce400b0abf4bf0c1e6d60c527313dda7501b094b7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"1413-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1413
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H2 200 cut-logo-white-nav.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 69ms
69ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/cut-logo-white-nav.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

942397a1904cfbaab4f68e31b2f096786a9de71d85660c719ec8dc7f4aa1e680

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"2159-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 2159
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H2 200 nav-icon-sign-in-white.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
3 KB 68ms
67ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

267abd7ab655fbe8dce0945f2c919ffa97632016ba963c01c6029e153a73edd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Fri, 24 Apr 2020 17:52:48 GMT
server: template243
etag: W/"3131-1587750768000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 3131
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H2 200 arrow-open.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
3 KB 67ms
66ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

45343cff29b666c6d3c631c67b66b7e8da99c0f3f0a27cb085026e1d6aaadd2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"2986-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 2986
expires: Fri, 08 May 2020 23:02:08 GMT

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 8ms
7ms Image
image/gif 2a02:26f0:6c00:285::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=qkq4rhw&ht=tk&h=www.cutimes.com&f=139.169.175.5474.25136.14541.14546.14548&a=702529&js=1.19.2&app=typekit&e=js&_=1588964528123
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:285::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
Last-Modified: Wed, 10 Jul 2019 10:41:33 GMT
Server: nginx
ETag: "5d25c0dd-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Mon, 07 Oct 2019 04:19:20 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=435337&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&time=1588964528141
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D435337%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20200408...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=435337&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&time=1588964528141&liSync=true

0
40 B

111ms
111ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=435337&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&time=1588964528141&liSync=true
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: X9Xa6tEiDRaAd02kyioAAA==

Redirect headers

date: Fri, 08 May 2020 19:02:08 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
status: 302
x-li-pop: prod-tln1
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: Play
cache-control: no-cache, no-store
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: Zwsh3dEiDRagzcSudisAAA==
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=435337&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&time=1588964528141&liSync=true
x-li-proto: http/2
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cutimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cutimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020043001.js Show response
securepubads.g.doubleclick.net/gpt/ 239 KB
86 KB 86ms
84ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 13:07:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87920
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:08 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D28416%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D28416%2526tzOffset%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=8832881143639073590&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=28416&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&_=1588964528162

242 B
994 B

620ms
143ms

Script
text/javascript

52.0.233.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=8832881143639073590&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=28416&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&_=1588964528162
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-233-94.compute-1.amazonaws.com
Software: /
Resource Hash: f6a6d9ffa3bc3196469ca0a1ddff6dd8a5837423babdf00aa93059c0f81563dc

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 217
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:10 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.106:80
AN-X-Request-Uuid: 6670014f-2940-4dfe-a603-9057c84cb067
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=8832881143639073590&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=28416&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&_=1588964528162
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 419ms
139ms Image
image/gif 18.211.103.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F&u=DN20I1BmWJ1OBTVgoF&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5992&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3324&t=Ckyh-CCUautfCIq0QzDqyqnbB2aESn&V=120&i=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&tz=-120&sn=1&sv=86lI5Bb2QSNCa3sYWC8RHFAWqHZz&sd=1&im=067b2ef3&_
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.103.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-103-48.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 08 May 2020 19:02:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 Hispanics.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/04/ 11 KB
13 KB 227ms
226ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/04/Hispanics.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1f7c684f90b0256ebca3c798abfb99d7a2be8904f45b536fc6aef8c1bcc4e97d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 26 Apr 2019 13:09:33 GMT
server: Apache
etag: "619a67-2df9-5876ea558b983"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209554
backend: contribsreimg_prod_director
content-length: 11769
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:01:22 GMT

GET
H2 200 Filene-graphic.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 8 KB
10 KB 228ms
227ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/Filene-graphic.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1d077456cce99706d145c446cf5daa1641bd1af43601e6836a2a9f6b2b525ead

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 13:02:33 GMT
server: Apache
etag: "827005-21ef-5a5229c5385de"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
backend: contribsreimg_prod_director
content-length: 8687
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:02:08 GMT

GET
H2 200 payday-loans-e1553095089910.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/03/ 16 KB
18 KB 217ms
216ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/03/payday-loans-e1553095089910.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1f47c9736b5dcf7cf5a6db4a56485d7e5b59e38dab3b34fb2a8778009540d6ff

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Tue, 23 Apr 2019 15:47:08 GMT
server: Apache
etag: "60dee3-41c6-587347f5c8416"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
backend: contribsreimg_prod_director
content-length: 16838
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:02:08 GMT

GET
H2 200 force-majeure-e1588095924321.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/04/ 7 KB
8 KB 220ms
219ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/04/force-majeure-e1588095924321.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aba1fe2f9ce3031d9cd0ad8d6cb942f3780e880b900595468aef7b69ba1d19e5

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 13:02:33 GMT
server: Apache
etag: "81decc-1d45-5a5229c4c5dd2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
backend: contribsreimg_prod_director
content-length: 7493
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:02:08 GMT

GET
H2 200 world-digital-transformation-e1588766408392.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 7 KB
8 KB 63ms
62ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/world-digital-transformation-e1588766408392.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7dbdb6f19d55b45d058b4756241bbaef603f75742f242b71dfec808d47c208ff

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Thu, 07 May 2020 13:54:12 GMT
server: Apache
etag: "824c77-1ab7-5a50f3733a8c4"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1107765
backend: contribsreimg_prod_director
content-length: 6839
accept-ranges: bytes
x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
expires: Thu, 21 May 2020 14:44:53 GMT

GET
H2 200 tv-remote-off-button-e1588795445587.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 7 KB
8 KB 79ms
79ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/tv-remote-off-button-e1588795445587.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

082d6bf8473c5ff49f52c84a7ccca31f7f8568b3fad38ceda1e2d3a90d9f3453

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Thu, 07 May 2020 13:07:23 GMT
server: Apache
etag: "8257d1-1a97-5a50e8fc8d732"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1115834
backend: contribsreimg_prod_director
content-length: 6807
accept-ranges: bytes
x-vnode: 27
date: Fri, 08 May 2020 19:02:08 GMT
expires: Thu, 21 May 2020 16:59:22 GMT

GET
H2 200 solar-loan-program-e1588786700107.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 9 KB
10 KB 78ms
77ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/solar-loan-program-e1588786700107.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

235aac272e0838d325e6eca1393e82c72f47792a7ebf7f7e89805beb20327232

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Wed, 06 May 2020 19:08:27 GMT
server: Apache
etag: "823231-236f-5a4ff7d2920cf"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1052357
backend: contribsreimg_prod_director
content-length: 9071
accept-ranges: bytes
x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
expires: Wed, 20 May 2020 23:21:25 GMT

GET
H2 200 financial-education-online-e1588700409831.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 14 KB
15 KB 76ms
75ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/financial-education-online-e1588700409831.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2ce08ba5cc3207e74cc36214fdac532d69aa6d6421c5a80fe2cb537cd757e0a7

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Wed, 06 May 2020 17:20:18 GMT
server: Apache
etag: "824d88-364c-5a4fdfa70246f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1052330
backend: contribsreimg_prod_director
content-length: 13900
accept-ranges: bytes
x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
expires: Wed, 20 May 2020 23:20:58 GMT

GET
H2 200 digital-connection-e1557924932439.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/05/ 8 KB
9 KB 92ms
89ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2019/05/digital-connection-e1557924932439.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4efb9de16d92c008c1e987bf92e11d3244b53f10df3d0b57a0af2d0d2966bfbc

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 17 May 2019 13:07:59 GMT
server: Apache
etag: "634c83-1fe5-589151264a5c5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1052358
backend: contribsreimg_prod_director
content-length: 8165
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Wed, 20 May 2020 23:21:26 GMT

GET
H2 200 SocialDistancingEmployeesOfficeShutterstock.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 6 KB
7 KB 88ms
86ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/SocialDistancingEmployeesOfficeShutterstock.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c4dea17a99279cc2521e9d359c6b4b01a3785454b994274a24357d133fb052b7

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Wed, 06 May 2020 15:38:50 GMT
server: Apache
etag: "823227-1974-5a4fc8f854bed"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1076775
backend: contribsreimg_prod_director
content-length: 6516
accept-ranges: bytes
x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
expires: Thu, 21 May 2020 06:08:23 GMT

GET
H/1.1 200
OK 0171f5aa8de500112f463a66ab2c00079003007100b08 Show response
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 27 B
260 B 270ms
71ms Script
application/javascript 18.196.158.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-service-eu-central-1.tealiumiq.com/alm/main/0171f5aa8de500112f463a66ab2c00079003007100b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1588964528250
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.158.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-158-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Version: 6156e04cd506cc6f9c815630f04d9d8409201998-SNAPSHOT
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 27
X-NodeId: i-02d5fbe2b55761746
Content-Type: application/javascript; charset=utf-8

GET
H2 200 Tampa-map-e1588876495191.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 12 KB
13 KB 231ms
229ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/Tampa-map-e1588876495191.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e0aa97421774866118cdad4af1600a0d53b1012ee0f3f4f271ddf6fcf7eb35dc

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 14:34:19 GMT
server: Apache
etag: "826bce-3107-5a523e483ca60"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
backend: contribsreimg_prod_director
content-length: 12551
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:08 GMT
expires: Fri, 22 May 2020 19:02:08 GMT

GET
H2 200 rules-p-tet4NLTPxSXJn.js Show response
rules.quantcount.com/ 3 KB
1 KB 23ms
7ms Script
application/x-javascript 2600:9000:2156:2200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-tet4NLTPxSXJn.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-tet4NLTPxSXJn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:00:55 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2017 01:28:01 GMT
server: AmazonS3
age: 74
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l1b7_IRsqEvTeNGUhlHVl_ZMn35S6PMyuLyYVt0czFFziA0AFD2xnw==
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
1 KB 71ms
71ms Script
application/javascript 52.16.75.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&pv=1588964528271_k26oo5i2r&bl=en-us&cb=2182278&return=&ht=&d=&dc=&si=1588964528271_k26oo5i2r&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.75.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1c99e84e985f3b99e9696c64b17feb7e1326c28c0544d17137a4446eddd1a4c

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:08 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 468
Expires: 0

GET
H2 200 menu-close-btn.png
www.cutimes.com/assets/master-template/images/ 3 KB
3 KB 80ms
80ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/menu-close-btn.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

30b311e412a9c417d2f590bb6df0767d4027bb82246ab38be83639e1cde87ac0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"3321-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 3321
expires: Fri, 08 May 2020 23:02:08 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 167ms
59ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:10 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.178:80
AN-X-Request-Uuid: 6572f167-5a2c-472c-9d20-f8bef248d743
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 167ms
62ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:10 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.201:80
AN-X-Request-Uuid: 03f9aadb-577e-486d-8fb0-4e5a25e24ac2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 161ms
58ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:10 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.229:80
AN-X-Request-Uuid: acbbd10e-7845-410f-834d-72174fa04930
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 156ms
54ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:10 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.201:80
AN-X-Request-Uuid: c0672d83-257f-4f2b-abd5-e42930a2744e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 141ms
140ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

aa4f2b1aa4590eb3d10455a1f0b0b5739efe3e4d5f8250ba56717aafd0ac5191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2147
x-xss-protection: 0
google-lineitem-id: 4594036698
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226581719
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
3 KB 139ms
139ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

0d15439b05672163427711941e01c42e5d2804939f6098c4126c8fd2a653fe2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3117
x-xss-protection: 0
google-lineitem-id: 5361407714
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138310457556
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 141ms
141ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

74fce48ac41d78d5b40cd3caa1611bdb56edb2c2a6b3ececa81ee8a20019e158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2533
x-xss-protection: 0
google-lineitem-id: 4598612399
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138226921347
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 138ms
138ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

c792edcf95c5273fa0522164050d34333c98674ee841fc088aca1f899a9795f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2205
x-xss-protection: 0
google-lineitem-id: 4583767874
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138225750724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
5 KB 475ms
475ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

4bf1d1ff0330f73813e85cbb90987316c0b0e3289b310d4d84dfc14d8fdfa219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5426
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287720609
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 138ms
138ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

993272d3782019ed91059a7ca0783dcbce2f7782e0a659dd3b411c0f2858153a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2880
x-xss-protection: 0
google-lineitem-id: 5360294550
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138310458291
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
297 B 131ms
131ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

2e568973c3881d93f73a9fc5ca7c03f3bf74f7000f1953ec8688cc0c1d7f55ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
288 B 140ms
139ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

7227de0d9e8f205c525eaf4cd6e10284b0eb0c17869d75f5fb087d53383b9b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
285 B 438ms
437ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

dbd3483f6f9c915fc109b07c9fe03165822c80684d2ac8f63471c53becd0d4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 408 B
293 B 435ms
434ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

053b481fad90fe69484c96c2118470ead0e1407efafb2610c06690ac4600a4af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 411 B
296 B 430ms
430ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

34675b04b03110612a6f27174fe1bbd12bcf63a88dd5e02d347c823005bcfab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
290 B 426ms
425ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

5d519a4b9bef676f4b753d7fb7e0c26a9f3bf2701ab714cee2edd6a7015a5e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
285 B 423ms
423ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

804cb00d2b14680fda38abc9be709201bbc2ed1013e07d78fd380f352598efe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 405 B
285 B 451ms
451ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

48afcf2159359562b897e9360bda265420882163484907fea1281b27d44f7fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
866 B 54ms
54ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:10 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.200:80
AN-X-Request-Uuid: 2c07e2ce-cb63-4d3b-87e8-5c3400825a8f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.cutimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
6 KB 573ms
572ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

2a1b7530e57c5c559b79e3e4b554a46dde3f0a3550adb8684547cd961086d41f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287718665
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
5 KB 907ms
907ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

6dc5f104aef736b3b021ef1aac8a3cc4d88f584c1cbe5ce385b36e3e65399ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5503
x-xss-protection: 0
google-lineitem-id: 5361975301
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311485999
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
5 KB 1291ms
1290ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e36975baf636ee9b014d44e446a0207dc604d45f4f81c79aa4c6d3a637de0ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5534
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287613990
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C94C 0
0 111ms
110ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuuQ4t2ONu-gbwHL4zTOuljJHwbizgAi6MTGFTCSiARfUQgnu4nFH913yXGlhKrIKFbxdM4A7xv4jQE8ffsvTWlH0Ob1w8ZJ2jJUvZssq1tL2ElLKATlYZ2fFvPn1LF2g1pzfPj-72UYRnQEpivECR3lplwOXdc5-1FfxHEfQIhHs_4ON4aWKkoFJ2YpSz7AdrydC67TJYklVoWZRkVACuphUwSSa_bXRAsoHDZmowWqoQDH6wzWShpNSFSjsL2rmK4h4B9b9T3KEjpg&sig=Cg0ArKJSzP0W_6Hflk8jEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C94C 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame C94C 280 KB
95 KB 71ms
71ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25319
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcfe016fdfa44faab867329d353024c109f4456d71b83a6bd07af118f0e9994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27856
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:08 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
5 KB 1419ms
1419ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3689754404745591&correlator=2053856663167074&output=ldjh&impl=fifs&adsid=NT&eid=21064501%2C21065724&vrg=2020043001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200508&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=position%3Dtop1&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3D46e12960e1266d57%3AT%3D1588964528%3AS%3DALNI_MZwi0UDR989-qWfeI8XVnXNFJ1BVA&cookie_enabled=1&bc=31&abxe=1&lmt=1588964528&dt=1588964528605&dlt=1588964526679&idt=1682&frm=20&biw=1585&bih=1200&oid=3&adxs=223&adys=3585&adks=3900858016&ucis=i&ifi=18&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&dssz=53&icsg=3377699896741116&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x130&msz=1140x90&psts=AKB7eCIU7POd6A8Qse8LDbIW21EobzisFCIFBBZkSednYqCBInVix2Jk2l3nzPPfbNovdNbTZOVKsARg7poSovvluv-vVA&ga_vid=389083948.1588964528&ga_sid=1588964528&ga_hid=1202089093&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

6772af5acd245c94590334c0b6f9f80831e74972a4d7188d9476672c94b90de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5448
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288014260
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 3D97 280 KB
95 KB 106ms
106ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25319
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 interstitial-closing-btn.png
images.law.com/media/dfp/ 1 KB
1 KB 161ms
62ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.law.com/media/dfp/interstitial-closing-btn.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6a3413de0fd72371878388d114a04a1fbb40eedf100aee33208302835106a22e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Tue, 20 Feb 2018 16:02:00 GMT
server: Apache
etag: "438ca6-496-565a6ee4b6b93"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: public, private, max-age=1010794
backend: contribsreimg_prod_director
content-length: 1174
falcon-media-server: D=3276 t=1576785489891958
x-continent: Europe
accept-ranges: bytes
x-vnode: 28
expires: Wed, 20 May 2020 11:48:42 GMT

GET
H2 200 CUT_Nameplate_no-tag.png
images.law.com/media/dfp/logos/ 10 KB
11 KB 162ms
63ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.law.com/media/dfp/logos/CUT_Nameplate_no-tag.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

249359ccc4668f4363abe91bc69cd38c22b0ecd528890d07fe821d74d5c7819f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Thu, 14 Jun 2018 17:56:13 GMT
server: Apache
etag: "6ab00f-2990-56e9dd0a61aef"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: public, private, max-age=1013391
backend: contribsreimg_prod_director
content-length: 10640
falcon-media-server: D=4927 t=1587385966245345
x-continent: Europe
accept-ranges: bytes
x-vnode: 145
expires: Wed, 20 May 2020 12:31:59 GMT

GET
H2 200 916815488795699584
tpc.googlesyndication.com/simgad/ 76 KB
76 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/916815488795699584

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4544e0aa3094913220f0be32f284085d65a11e1c9574e961cb4c4bfba41d5db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 21:52:51 GMT
x-content-type-options: nosniff
age: 248957
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78127
x-xss-protection: 0
last-modified: Fri, 01 May 2020 15:33:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 May 2021 21:52:51 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ 0
57 B 111ms
110ms Image
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYPZ5ldZI3LpBJYaaw0_1cxATWw3I4ZJ4ejgRipS3OSebUXG4XcvoruQuZkpwT1hk1siNqWjK2Gp-WuMzUq5rUeRSuFsh4gMVSggVXHoh67XQUxFaT_cy1LY6AK13f_cfFWEPEm3ME9FN3gkYyqhEgXbhAkDw8z5VHXDSGWgbRxmvNL4M5uM0yhOXqjCpava5Fk-dxt31rRsyXJ5XqNs-Traci4gzT3uBv70W1QqxFKMCxYY4ODBlweB5VEyj3eyHkk9B8UEAaMpia6Uayj_fXQoDdE0sjsFAs8isomQk7fW7ffVdJ33I&sig=Cg0ArKJSzNI6GBTZWqwUEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8035 0
0 127ms
127ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL9UQchrFieG5r8Wh0HjknYnpoL7B1VDFeQYXYvC80ukYrZpBsrtb2t27Dfa8xtMwebrAFgMVp82WNOlb_O1RLgnHKqyWX9bFWlRi8P25qH1OLMDVfE6iPQRgI4j3VH93bnVYbHgeX-CadpTCZ3vWW5LR3L9hSFOx9M95mtqhtlTwjU7O3xGqPfNFXKpGeTlZi1eh5q1kXAo1cwp3EY_iebsazQp-6Oyiw7vTXfxEHBBO2TsEdgiW2YnlkxhpPBFFnx8xAB6Znajw0cw&sig=Cg0ArKJSzMXACU_fzWNpEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 smart_cutimes.epl
www.dianomi.com/ Frame 27BD 0
0 253ms
115ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200408150205

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20200408150205
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200408150205
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

status: 200
date: Fri, 08 May 2020 19:02:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8b2b9dbdebdfaa2acd1c113b99f5fad11588964528; expires=Sun, 07-Jun-20 19:02:08 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/2232/12.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59056ef10a1f0b43-AMS
content-encoding: br
cf-h2-pushed: </img/a/pss/2232/12.css>
cf-request-id: 029743aaa200000b430c187200000001

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8035 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 8035 280 KB
95 KB 107ms
107ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25319
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 637A 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200408150205
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 08 May 2020 18:02:02 GMT
expires: Sat, 08 May 2021 18:02:02 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3606
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C78 0
0 112ms
111ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMwixX2Bs3o7QCpMtMgPBLZ9bC0_rMxsdEdG9RRLOnSf0NFr-QuHY6V-S06vGp19y0Z8jbcGFcG7nzE4Bwjf5Vk_TN5Jg2ynxw1v2KXnmzai5OuLr3RO0jfqhGyD9i_uRtWlUny1BX6MJWkq5MzXsgA9xp8UF0S6KqR_AQMh_XfzBUXS_MLlSm1LKprJUeaHJ9h6r6IoGfM68g3cOdNKtd5vJkcmTQS4YLSjeoGsuCYrKBAsT8DYbPfDc4vW8jSMfEPqEhNOlqykE9LkFnHw&sig=Cg0ArKJSzMT916_84VyFEAE&urlfix=1&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 3C78 280 KB
95 KB 114ms
114ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25319
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C78 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:08 GMT

GET
H2 200 8268317386639106859
tpc.googlesyndication.com/simgad/ Frame 3C78 108 KB
108 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8268317386639106859

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48475ab63a871b9496cc09459f2145277168d8bf2594b492636da76e45e7ba78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 01 May 2020 21:57:26 GMT
x-content-type-options: nosniff
age: 594282
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110195
x-xss-protection: 0
last-modified: Fri, 01 May 2020 15:35:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 May 2021 21:57:26 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
5 KB 1637ms
1637ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3689754404745591&correlator=2053856663167074&output=ldjh&impl=fifs&adsid=NT&eid=21064501%2C21065724&vrg=2020043001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200508&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=position%3Dmiddle2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26page_number%3D1&cookie=ID%3De5c0de99fd525fc4%3AT%3D1588964528%3AS%3DALNI_MaVwFEz9ClCtH5KtH0I2g3IqT4kuQ&cookie_enabled=1&bc=31&abxe=1&lmt=1588964528&dt=1588964528673&dlt=1588964526679&idt=1682&frm=20&biw=1585&bih=1200&oid=3&adxs=1083&adys=4851&adks=4082410414&ucis=j&ifi=19&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&dssz=53&icsg=3377699896741116&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AKB7eCIU7POd6A8Qse8LDbIW21EobzisFCIFBBZkSednYqCBInVix2Jk2l3nzPPfbNovdNbTZOVKsARg7poSovvluv-vVA%2CAKB7eCLOqOvbMmbpZ6SaEebdYqE_GSjGPPOwvWr4XyA222sEocyAxwxP02rYqcKrwQP5JlZcRUkapr46eTRKxQK4t2awYg%2CAKB7eCIfehtCVd39Xae07dz2r9R2-QyWBxTtabfkY90Xr9zupK5Qx2shq21iSLTAhE5jPCRVgpYDs1fGvfyUMinNXTvBQw%2CAKB7eCKSnv1qZ3flWh99QzNxCEehsU_glCx6E3Ut8FrTMGWntKPc6emsJO1rnqp8Kg9qva0CHHB8fLqP7ff4LADABBbTNQ%2CAKB7eCIPSelvUp_z-w8HrkBoQxMo2Wii2jHbu7lVRNFlsFne6TBdtCvSnr5a6gGQFK6euuyrvAKEVsnwN5hTLaLpeAFdF9M8smY4aUcfuw%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=389083948.1588964528&ga_sid=1588964528&ga_hid=1202089093&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

53bf2d496bb832031f296f4acd0d53a532b5e33128e9d535d620fa004b388364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
google-lineitem-id: 5175869470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287720630
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel;r=1100084807;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205;fpan=1;fpa=P0-1022515592-1588964528696;ns=0;...
pixel.quantserve.com/ 35 B
658 B 259ms
84ms Image
image/gif 91.228.74.169
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1100084807;labels=ALM%20Financial.Credit%20Union%20Times;rf=0;a=p-tet4NLTPxSXJn;url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205;fpan=1;fpa=P0-1022515592-1588964528696;ns=0;ce=1;qjs=1;qv=f473609d-20200430082408;cm=;gdpr=0;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1588964528696;tzo=-120;ogl=type.website%2Ctitle.Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times%2Csite_name.Credit%20Union%20Times%2Curl.https%3A%2F%2Fwww%252Ecutimes%252Ecom%2F%2Cimage.%2F%2Fimages%252Ecutimes%252Ecom%2Fmedia%2Fmaster-template%2Fsocial-share-logos%2Fsocial-share-cut-7%2Cdescription.Credit%20Union%20Times%20investment%20management%20topics%20are%20delivered%20with%20keen%20indusry%20

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.169 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:08 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8035 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe8a303f45515da5cb98c3dc39ddcd39b6d8ed390fcd03d8377e60a16c7ec46d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ibs:dpid=22052&dpuuid=3610134258144772168&redir=
dpm.demdex.net/ 42 B
915 B 1819ms
1771ms Image
image/gif 52.35.37.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3610134258144772168&redir=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.37.246 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-37-246.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-usw2-v055-05afb9974.edge-usw2.demdex.com 5.70.0.20200507125324 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 7AfcylInTWA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3610134258144772168
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYxMDEzNDI1ODE0NDc3MjE2OBAAGg0IsNnW9QUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=65c9c102373d3920a015bcf2ca88997385a4f9e95f2380a5cf075110e8782f73f4cb09cee1a4f8eb&person_id=3610134258144772168&eid=50082

43 B
312 B

81ms
71ms

Image
image/gif

52.16.75.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=65c9c102373d3920a015bcf2ca88997385a4f9e95f2380a5cf075110e8782f73f4cb09cee1a4f8eb&person_id=3610134258144772168&eid=50082
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.75.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 09 May 2020 15:02:09 GMT

Redirect headers

date: Fri, 08 May 2020 19:02:09 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=65c9c102373d3920a015bcf2ca88997385a4f9e95f2380a5cf075110e8782f73f4cb09cee1a4f8eb&person_id=3610134258144772168&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=8f3c7ef8-a65f-42c0-a3aa-70092a6ebd35
https://ml314.com/csync.ashx?fp=8f3c7ef8-a65f-42c0-a3aa-70092a6ebd35&person_id=3610134258144772168&eid=53819

43 B
312 B

140ms
70ms

Image
image/gif

52.16.75.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=8f3c7ef8-a65f-42c0-a3aa-70092a6ebd35&person_id=3610134258144772168&eid=53819
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.75.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 09 May 2020 15:02:09 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=8f3c7ef8-a65f-42c0-a3aa-70092a6ebd35&person_id=3610134258144772168&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sat, 09 May 2020 15:02:09 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610134258144772168
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3610134258144772168
https://ml314.com/csync.ashx?fp=abdba333502eaec3cdca11422f2122e0&eid=50146&person_id=3610134258144772168

43 B
312 B

120ms
70ms

Image
image/gif

52.16.75.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=abdba333502eaec3cdca11422f2122e0&eid=50146&person_id=3610134258144772168
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.75.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Sat, 09 May 2020 15:02:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=abdba333502eaec3cdca11422f2122e0&eid=50146&person_id=3610134258144772168
cache-control: no-cache
x-server: 10.45.10.218
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ 0
344 B 341ms
158ms Image
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 19:02:09 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 68ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964528800&de=202274037502&m=0&ar=31f9dba90d-clean&iw=0dda269&q=2&cb=0&ym=0&cu=1588964528800&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=waiting&zMoatPS=footer&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=847727548&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:08 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:08 GMT

GET
H/1.1 200
OK Cookie set dest5.html
alm.demdex.net/ Frame 8682 0
0 2316ms
1644ms Document
text/html 52.37.206.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.37.206.171 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-37-206-171.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: alm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200408150205
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=03468803961109395814155474353507148279
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 08 May 2020 16:14:31 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=03468803961109395814155474353507148279;Path=/;Domain=.demdex.net;Expires=Wed, 04-Nov-2020 19:02:11 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: m2MFtbv0SY4=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
b.law.com/ 48 B
478 B 316ms
61ms XHR
application/x-javascript 35.181.91.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=07613127759480289254029545078105976759&ts=1588964528825

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

b0ebf97f680b8301bc82409482a7eb23559f9527e3e7d0bc387fb45ddd5a268a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 08 May 2020 19:02:08 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-65fb49f79-clbl2
vary: Origin
x-c: master-1221.I0e927e.M0-376
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XrWssQAAAXduYRTJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=03468803961109395814155474353507148279
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrWssQAAAXduYRTJ

42 B
915 B

285ms
228ms

Image
image/gif

52.35.37.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrWssQAAAXduYRTJ

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.37.246 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-37-246.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-usw2-v055-0e3ba19ea.edge-usw2.demdex.com 5.70.0.20200507125324 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 68f3ZJGlRag=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 08 May 2020 19:02:08 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrWssQAAAXduYRTJ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame 3D97 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89740d99a2b4b3e7c2c5e22a994be08a08f98a1b9d263c0f2716011c87c0d273

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3C78 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c5531fd8fdce78e880af8e0b0b8885f46abc01eb75eac80af0707f77bc24284

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2905 0
0 111ms
110ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuELrn7eBjiYV8QU6C68YvHSvL3hkcPIIycxNbup6ejbaHHMkKYwshHAGYH1ePriTEdSTIYxlDSr8skfuYu8Y6z2W5uJwxBPoslTgzpdpVd3rAqJzDCLreusYEWdcV6FiAuiyp-9qEod64FXpSTd1Cc5a4EQTspjTfRsnmvRMYjnX443Qvb4fsBWko4vNo1DYbUSJRFoYz4pxUwaoJX2aKmSpiPDxI2_N1_YykyrLzuFl3dTq3bE-PMtfb6ZxZ5hh6e78YTbVCwxw&sig=Cg0ArKJSzFT1lwyqbiy0EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame 2905 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 17:39:36 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2905 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 2905 280 KB
95 KB 69ms
68ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25318
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 2178699734731539155
tpc.googlesyndication.com/simgad/ Frame 2905 57 KB
57 KB 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178699734731539155

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 05:49:34 GMT
x-content-type-options: nosniff
age: 220355
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58723
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 14:01:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 May 2021 05:49:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964528872&de=923444569658&m=0&ar=31f9dba90d-clean&iw=0dda269&q=5&cb=0&ym=0&cu=1588964528872&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=792312828&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
DATA 200
OK truncated
/ Frame 2905 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5026d17ae84f456a690aaf05d6bc2f5c89072b99f258dcfc9047a68e76517d2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.law.com%2Fmedia%2Fdfp%2Finterstitial-closing-btn.png&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=22&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8784&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=4&an=0&gf=4&gg=0&ix=4&ic=4&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=4&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1393047872&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C3CA 0
0 112ms
111ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0kHAuc6x_1x5OsRNVXj8mh3RtNqDLAGHb9un8FhjsK0wBCATdMAORZmpo5KIbrtqu63YWBj9mDN2a6nxt_zzhBYbgZO75SMVtbVmpP1nH2fDcQfoJ5DQ1e1ZH_06ffFIRSuhgM6VqSSxnIw29E2Z4PDhzc5E6S_Pb3-WPeL0z6P013BKeXLc60-SKJkTEdzqX1809MTUdMSJ6zMfX2tIPYx76DkQF9UK3qGgTWyNNcydkc_9NjZj2yZebwia60euFvoS2RQbetg&sig=Cg0ArKJSzPOjg89C7m4eEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame C3CA 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 17:39:36 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3CA 74 KB
28 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxmraidlidarcontrol

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C3CA 0
0 18ms
17ms Image
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQypcE9Fg4YqDT7ZOiJ2kxchHLQMRaU8s9NwTkoC_16Ggwu46RfzZ21TBGJ5WG8dM9bbQyP
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame C3CA 280 KB
95 KB 69ms
68ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25318
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 14219715358696162092
tpc.googlesyndication.com/simgad/ Frame C3CA 62 KB
62 KB 7ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14219715358696162092

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ddb6ea1b3f3a0beb4a0ffc83fa23ea7ada62d8088a7fa07095d2294c0e20acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 04:12:28 GMT
x-content-type-options: nosniff
age: 1954181
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63249
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:55:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Apr 2021 04:12:28 GMT

GET
H2 200 s68819877592625
b.law.com/b/ss/almcut,almglobal/1/JS-1.6/ 43 B
222 B 62ms
61ms Image
image/gif 35.181.91.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s68819877592625?AQB=1&ndh=1&pf=1&t=8%2F4%2F2020%2021%3A2%3A9%205%20-120&mid=07613127759480289254029545078105976759&aamlh=9&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Ahome&g=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&cc=USD&ch=cut%3Ahome&server=cut&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c7=undefined%20%7C%20undefined&v24=cut&c30=home&v30=D%3Dc30&c40=28&c41=3%3A00pm&v41=D%3Dc41&c42=friday&v42=D%3Dc42&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:08 GMT
x-content-type-options: nosniff
x-c: master-1221.I0e927e.M0-376
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 May 2020 19:02:09 GMT
server: jag
xserver: anedge-65fb49f79-p847z
etag: 3412275343364816896-4613632363456900685
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 07 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
71ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964528911&de=163128926941&m=0&ar=31f9dba90d-clean&iw=0dda269&q=8&cb=0&ym=0&cu=1588964528911&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1358355018&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8832881143639073590&pixelIndex=0&_=1588964528163
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8832881143639073590&pixelIndex=0&_=1588964528163&google_gid=CAESEJ-hyVN8f6dg0dj8-bmQbpc&google_cver=1

0
597 B

143ms
143ms

Script
text/javascript

52.0.233.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8832881143639073590&pixelIndex=0&_=1588964528163&google_gid=CAESEJ-hyVN8f6dg0dj8-bmQbpc&google_cver=1
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-233-94.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8832881143639073590&pixelIndex=0&_=1588964528163&google_gid=CAESEJ-hyVN8f6dg0dj8-bmQbpc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 423396.gif
idsync.rlcdn.com/ 0
40 B 186ms
186ms Image
text/plain 35.241.8.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8832881143639073590
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 149.8.241.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 08 May 2020 19:02:09 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8268317386639106859&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=11&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8784&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=2087637849&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
DATA 200
OK truncated
/ Frame C3CA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74272a6b73d683700126c662697eb3178094747f29bfd974d641c54a7e5c8369

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 68ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964528959&de=48527015079&m=0&ar=31f9dba90d-clean&iw=0dda269&q=11&cb=0&ym=0&cu=1588964528959&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1841512760&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964528975&de=960852247311&m=0&ar=31f9dba90d-clean&iw=0dda269&q=14&cb=0&ym=0&cu=1588964528975&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&zMoatMData=waiting&zMoatPS=d_footer&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1290096677&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964529102&de=60947576214&m=0&ar=31f9dba90d-clean&iw=0dda269&q=17&cb=0&ym=0&cu=1588964529102&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287720609&zMoatMData=waiting&zMoatPS=top2&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=776846477&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 68B5 0
0 114ms
112ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9Uon8O4ukCNmEmk0WHqzQIab44xspVYHA61fRy7z6Xv56yIwp7bg7Si2SIzpoqLrUdQH9ohT1ifLrUpSEtSzEAG2XVfqqXRkBW4I1CN9mxYfuVh3SFgdqkkLRc1sxIQxijkQx8fubvFSdAbAv_I-TqZpXeV9FpqUFy-9IDLXbIDoG_iRcAjAWyeHm3sgG9ZlBhhaWBHwD5LFMevsbQZSrriHofMGvUNPbPExttFaEGV4jJ7bE5poGBO_qBx3_Te1Xz-15GW8juMGA_w&sig=Cg0ArKJSzGJqhDRLtClqEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame 68B5 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 17:39:36 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68B5 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 68B5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCaRDIBf4e2ZWN9H-XrWFtG7gg6Gcbge-BbXInJqnmjIcSXJKDhzqAVf_aIckdM4xXHhbA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 68B5 280 KB
95 KB 69ms
68ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25318
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 1863942139773628393
tpc.googlesyndication.com/simgad/ Frame 68B5 29 KB
30 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1863942139773628393

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211d9551bc948cff27e7ac0a189d4dc6389b3489b2e6ec7449d2d3c25e5a1ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 16:27:10 GMT
server: sffe
status: 200
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30121
x-xss-protection: 0
expires: Sat, 08 May 2021 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2178699734731539155&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529102&de=60947576214&cu=1588964529102&m=14&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720609&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=top2&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=479869732&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
DATA 200
OK truncated
/ Frame 68B5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac71de30c877e460605763cd41797076e9451756ae0da9d71ac7856b1443f8de

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964529285&de=625644736774&m=0&ar=31f9dba90d-clean&iw=0dda269&q=20&cb=0&ym=0&cu=1588964529285&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&zMoatMData=1&zMoatPS=middle1&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1114162763&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14219715358696162092&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529285&de=625644736774&cu=1588964529285&m=12&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1591904108&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fsmart_cutimes.epl%3Fid%3D3420%26url%3Dhttps%253A%2F%2Fwww.cutimes.com%2F%253Fslreturn%253D20200408150205&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528975&de=960852247311&cu=1588964528975&m=523&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=116&cd=0&ah=116&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=d_footer&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1141176104&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964529589&de=53512134608&m=0&ar=31f9dba90d-clean&iw=0dda269&q=23&cb=0&ym=0&cu=1588964529589&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2689792469%3A5361975301%3A138311485999&zMoatMData=1&zMoatPS=middle&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1064063661&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 10E6 0
0 112ms
111ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_5mKLCLrRKM_B9vvSAD-hTJVkjLHyNSTpb8aj3szBxmKk9llOLViXMHOOUnTQOYeynpLXsupsmxTKRBLIa7z5yKN9hic4F1OlCRrUZj4ghMuC6z77rhKO66bvSKqnrRQhAnA1AmW3Hc-xMRbo8YgbKY7DE4XpoaheBvDOQnPq_vpgfvnmk2oyyePzB6xwCJe4B2aF6RcKK9Fsb2VMCvekdmxiWtDYuNW9DTEZeq-mHCMpQAPG9S5P6BIZdJwVbfLYTwdzZnjOvw&sig=Cg0ArKJSzA53Cu01_IFeEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:09 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame 10E6 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 17:39:36 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10E6 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxlidarcontrol

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 10E6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDQRJlsmDlcVZQ9hJr6jLjOTS3uikTkhGEbrVEPLYEOhZwxe0Pb0hAGdBR7WnZ_5LVsnFt
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 10E6 280 KB
95 KB 69ms
68ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:09 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25318
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 6856618701810694934
tpc.googlesyndication.com/simgad/ Frame 10E6 57 KB
57 KB 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6856618701810694934

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 26 Apr 2020 21:06:19 GMT
x-content-type-options: nosniff
age: 1029350
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58723
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:59:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Apr 2021 21:06:19 GMT

GET
DATA 200
OK truncated
/ Frame 10E6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 957b6486e240cefee02533e5cec51bbc9eb692d0f88d7d604eec3e390d34d2f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F1863942139773628393&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529589&de=53512134608&cu=1588964529589&m=13&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=2&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=50&pf=0&ib=1&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2689792469%3A5361975301%3A138311485999&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=2060231457&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=1058&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1048&an=4&gi=1&gf=1048&gg=4&ix=1048&ic=1048&ez=1&ck=1048&kw=830&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1048&bx=4&ci=1048&jz=830&dj=1&aa=0&ad=950&cn=0&gk=950&gl=0&ik=950&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=830&cd=8&ah=830&am=8&rf=0&re=1&ft=950&fv=0&fw=950&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Domsearch%20Late&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=373423162&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0627 0
0 112ms
110ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGmZhxdQcoYWU6WNllGGkqcuq5oL5QTYiKogYfVZnBbnV3W7R_9iYvAx127o95euIKpqYUlV_hpfWWU2oalRndmA6lEwU0FbbkGCc3nmyb-ZyGWRtnW741dHUE9Isqjr0nM9LwqMBfEY-4CxEreuzRuEUFYjbWt5pxgT6qLGN2NBk12YmJ3HEveLQKXSGcwLgIBuwLEyYAQ_Ud_NTYMw47e9r5lwV75t4dkwjNL92bLOcx4RjiNrj-PTtPdzCwKq0WfA8qGnBkdQ&sig=Cg0ArKJSzCJy_Rnshba7EAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 6856618701810694934
tpc.googlesyndication.com/simgad/ Frame 0627 57 KB
57 KB 7ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6856618701810694934

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 26 Apr 2020 21:06:19 GMT
x-content-type-options: nosniff
age: 1029351
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58723
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:59:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Apr 2021 21:06:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame 0627 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 17:39:36 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0627 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0627 0
0 15ms
14ms Image
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm7vztpLucwCGo7V-98B4VJ9UDElBherZffrWwFCCGDEHThcMGom7VtWui_ckWUsxthb38
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 0627 280 KB
95 KB 70ms
69ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:10 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25317
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
DATA 200
OK truncated
/ Frame 0627 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 680de2a0e7d5cbd3cdf853ee5e5ec5a690c1caff54b1a668d234788a73bddaa6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=1059&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1048&an=1048&gi=1&gf=1048&gg=1048&ix=1048&ic=1048&ez=1&ck=1048&kw=830&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1048&bx=1048&ci=1048&jz=830&dj=1&aa=0&ad=950&cn=950&gk=950&gl=950&ik=950&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=830&cd=830&ah=830&am=830&rf=0&re=1&ft=950&fv=950&fw=950&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Domsearch%20Late&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=953895166&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C78 42 B
110 B 40ms
40ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4E9fZBwNIpVu971VESb_uukOjAGSojojMoPlye-qPPjaYTHoAAvrQuy4-htdMK14JH2qq4Aag4bJwH8LVlMOwH_fc4WWTHt8VDerRLx0&sig=Cg0ArKJSzHjIuUNbvVNgEAE&adk=3917720313&tt=-1&bs=1585%2C1200&mtos=0,1024,1024,1024,1024&tos=0,1024,0,0,0&p=21,93,345,1493&mcvt=1024&rs=0&ht=0&tfs=137&tls=1249&mc=0.98&lte=0&bas=0&bac=0&met=mue&la=1&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588964528654&dlt&rpt=318&isd=0&msd=0&ext&xdi=0&ps=1585%2C8744&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1249&is=1400%2C320&iframe_loc=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200506

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=1061&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1048&an=1048&gi=1&gf=1048&gg=1048&ix=1048&ic=1048&ez=1&ck=1048&kw=830&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1048&bx=1048&ci=1048&jz=830&dj=1&aa=0&ad=950&cn=950&gk=950&gl=950&ik=950&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=830&cd=830&ah=830&am=830&rf=0&re=1&ft=950&fv=950&fw=950&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Domsearch%20Late&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1381033624&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=1026&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1020&an=2&gi=1&gf=1020&gg=2&ix=1020&ic=1020&ez=1&ck=1020&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1020&bx=2&ci=1020&jz=812&dj=1&aa=0&ad=916&cn=0&gk=916&gl=0&ik=916&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=812&cd=4&ah=812&am=4&rf=0&re=1&ft=916&fv=0&fw=916&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1405003717&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1736 0
0 112ms
111ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtVskCgfz4Kdaji-9w-TNuodxVveaLFs4fcqx5Z7kMX-YcLGaY0DUrv64BTn6_s2nd0UF-v7vw0fWZHs99AuOwj_5PVEM_yf6ZMS3eM6nd3donOsef_VVJdLAOColMz0Nv24aXW5ZbzQTtSVM87p7E_5nN4rimenROYIIiD-Nma-MK3vqRwtBF4bM69VEjkPiCTLjyVB8BW6OGJsJInAaCMCQW2_xHXFCcNakuM4OKn0DC5rxhtcSMXokMJfycxSIC2sdHQhH-kw&sig=Cg0ArKJSzLTXpTRnBEgoEAE&adurl=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 14219715358696162092
tpc.googlesyndication.com/simgad/ Frame 1736 62 KB
62 KB 7ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14219715358696162092

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ddb6ea1b3f3a0beb4a0ffc83fa23ea7ada62d8088a7fa07095d2294c0e20acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 04:12:28 GMT
x-content-type-options: nosniff
age: 1954182
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63249
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 13:55:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Apr 2021 04:12:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame 1736 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 17:39:36 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1736 74 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxlidarcontrol

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588787389460423"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28331
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1736 0
0 17ms
16ms Image
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTxelQltno5Mw5XE2tQUngU5hxx8P1_b_LxePXulukVWkvVqLLcdWJr6YiFaNVh0DGUlaP
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/almdfp680616975594/ Frame 1736 280 KB
95 KB 69ms
68ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almdfp680616975594/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:10 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 17:40:19 GMT
server: AmazonS3
x-amz-request-id: 781822DF9B979697
etag: "ec16baca4e37c86472f990f93a7d3f57"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=25317
accept-ranges: bytes
content-length: 96620
x-amz-id-2: kvHmQINB9rzZMtzLgQy/ZUx5WP2GaTnzaO54ANntStbW9Sk/fPCEzreKlQsFlemzbPpgf5530IE=

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=1028&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1020&an=1020&gi=1&gf=1020&gg=1020&ix=1020&ic=1020&ez=1&ck=1020&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1020&bx=1020&ci=1020&jz=812&dj=1&aa=0&ad=916&cn=916&gk=916&gl=916&ik=916&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=812&cd=812&ah=812&am=812&rf=0&re=1&ft=916&fv=916&fw=916&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=465712172&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
DATA 200
OK truncated
/ Frame 1736 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 673ed4fb652a359877b6fbe3c54a41165183e576cc8fcbd32bd242e644a80240

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=1029&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1020&an=1020&gi=1&gf=1020&gg=1020&ix=1020&ic=1020&ez=1&ck=1020&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1020&bx=1020&ci=1020&jz=812&dj=1&aa=0&ad=916&cn=916&gk=916&gl=916&ik=916&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=812&cd=812&ah=812&am=812&rf=0&re=1&ft=916&fv=916&fw=916&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=173390986&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 68ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964529992&de=518893648305&m=0&ar=31f9dba90d-clean&iw=0dda269&q=26&cb=0&ym=0&cu=1588964529992&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1122251606&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F6856618701810694934&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=13&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1156333095&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964530140&de=506798810127&m=0&ar=31f9dba90d-clean&iw=0dda269&q=29&cb=0&ym=0&cu=1588964530140&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&zMoatMData=1&zMoatPS=top1&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=1982762382&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 68B5 42 B
110 B 39ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueQEePpN_z--6XZjqoN1bt1-vMQ6f3_RAdZT22AE0ZtDruKGajcun7ngpfYtX21McQaf0XRWbvw0eWxkH41dj-_OuSMfS30QbURrMWb4M&sig=Cg0ArKJSzEljsBM-OuMWEAE&adk=4142453217&tt=-1&bs=1585%2C1200&mtos=0,0,1074,1074,1074&tos=0,0,1074,0,0&p=1074,1083,1324,1383&mcvt=1074&rs=0&ht=0&tfs=106&tls=1139&mc=0.5&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588964529486&dlt&rpt=78&isd=0&msd=0&ext&xdi=0&ps=1585%2C8744&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1138&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20200506

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F6856618701810694934&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964530140&de=506798810127&cu=1588964530140&m=11&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top1&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=146976327&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=1282&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1272&an=1048&gi=1&gf=1272&gg=1048&ix=1272&ic=1272&ez=1&ck=1048&kw=830&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1272&bx=1048&ci=1048&jz=830&dj=1&aa=1&ad=1174&cn=950&gn=1&gk=1174&gl=950&ik=1174&co=1174&cp=1052&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1052&cd=830&ah=1052&am=830&rf=0&re=1&ft=1174&fv=950&fw=950&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Domsearch%20Late&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=2035374288&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=1254&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1247&an=1020&gi=1&gf=1247&gg=1020&ix=1247&ic=1247&ez=1&ck=1020&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1247&bx=1020&ci=1020&jz=812&dj=1&aa=1&ad=1143&cn=916&gn=1&gk=1143&gl=916&ik=1143&co=1143&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=812&ah=1022&am=812&rf=0&re=1&ft=1143&fv=916&fw=916&wb=1&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=453114176&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 68ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1588964530415&de=194890952964&m=0&ar=31f9dba90d-clean&iw=0dda269&q=32&cb=0&ym=0&cu=1588964530415&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4523359581%3A2475441733%3A5175869470%3A138287720630&zMoatMData=1&zMoatPS=middle2&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=376100255&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F14219715358696162092&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964530415&de=194890952964&cu=1588964530415&m=15&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720630&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1259150067&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529589&de=53512134608&cu=1588964529589&m=1058&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A50%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1052&an=2&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1052&kw=852&aj=1&pg=50&pf=50&ib=1&cc=1&bw=1052&bx=2&ci=1052&jz=852&dj=1&aa=0&ad=953&cn=0&gk=0&gl=0&ik=0&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=852&cd=3&ah=852&am=3&rf=0&re=1&ft=739&fv=0&fw=739&wb=1&cl=0&at=0&d=4523359581%3A2689792469%3A5361975301%3A138311485999&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1367494349&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 10E6 42 B
110 B 39ms
38ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspH43nKfuMoZknOMwQYJzJ1RNyg2hTSMOJ2poXpliaAaUk8pXkeQxevU9R1u5cLCCsj3ZO5nY-qksJhlGb5X573CLhUBfuKuceg_Oh_aE&sig=Cg0ArKJSzO30USE3TsCSEAE&adk=2736157804&tt=-1&bs=1585%2C1200&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&p=964,429,1054,1157&mcvt=1089&rs=0&ht=0&tfs=116&tls=1248&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588964529876&dlt&rpt=45&isd=0&msd=0&ext&xdi=0&ps=1585%2C8744&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-6-12-12-0-0-0&tvt=1243&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200506

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 72ms
71ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529589&de=53512134608&cu=1588964529589&m=1260&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A50%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1254&an=1052&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1052&kw=852&aj=1&pg=50&pf=50&ib=1&cc=1&bw=1254&bx=1052&ci=1052&jz=852&dj=1&aa=1&ad=1155&cn=953&gk=0&gl=0&ik=0&co=1155&cp=1053&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1053&cd=852&ah=1053&am=852&rf=0&re=1&ft=941&fv=739&fw=739&wb=1&cl=0&at=0&d=4523359581%3A2689792469%3A5361975301%3A138311485999&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=223515073&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=1018&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1010&an=2&gi=1&gf=1010&gg=2&ix=1010&ic=1010&ez=1&ck=1010&kw=807&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1010&bx=2&ci=1010&jz=807&dj=1&aa=0&ad=911&cn=0&gk=911&gl=0&ik=911&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=807&cd=4&ah=807&am=4&rf=0&re=1&ft=911&fv=0&fw=911&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1952737296&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=1019&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1010&an=1010&gi=1&gf=1010&gg=1010&ix=1010&ic=1010&ez=1&ck=1010&kw=807&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1010&bx=1010&ci=1010&jz=807&dj=1&aa=0&ad=911&cn=911&gk=911&gl=911&ik=911&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=807&cd=807&ah=807&am=807&rf=0&re=1&ft=911&fv=911&fw=911&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1572035438&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=1021&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1010&an=1010&gi=1&gf=1010&gg=1010&ix=1010&ic=1010&ez=1&ck=1010&kw=807&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1010&bx=1010&ci=1010&jz=807&dj=1&aa=0&ad=911&cn=911&gk=911&gl=911&ik=911&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=807&cd=807&ah=807&am=807&rf=0&re=1&ft=911&fv=911&fw=911&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=331143690&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=1233&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=1225&an=1010&gi=1&gf=1225&gg=1010&ix=1225&ic=1225&ez=1&ck=1010&kw=807&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1225&bx=1010&ci=1010&jz=807&dj=1&aa=1&ad=1126&cn=911&gn=1&gk=1126&gl=911&ik=1126&co=1126&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=807&ah=1012&am=807&rf=0&re=1&ft=1126&fv=911&fw=911&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1890735428&cs=0
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20200408150205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 29ms
28ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020043001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaee0a79c1d64a9f2d190411fa9f748a92be7eb59e67489ecb6c1f8f3dc82768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 May 2020 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5585
x-xss-protection: 0

GET
H2 200 nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
4 KB 66ms
65ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

dc282ca9f457e22786a89606796ba1db9f772d79ba57b1795b54e4c7a4729ed3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template243
etag: W/"3368-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 3368
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 1 KB
1 KB 68ms
68ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

083018544ecfdbe6462c83d2595a7253796352ca3df1d37bbe9cf674bee82fab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"1222-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1222
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 76ms
75ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

98b77b6ec808d5031798aa26307cf2a499dc9cbb8502dc9e2994e58aeb9e4e1a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"1583-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1583
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 1 KB
2 KB 83ms
82ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template244 /

Resource Hash

2197e124a3df746df8b3f4ce400b0abf4bf0c1e6d60c527313dda7501b094b7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template244
etag: W/"1413-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 1413
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 cut-logo-white-nav.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 89ms
89ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/cut-logo-white-nav.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

942397a1904cfbaab4f68e31b2f096786a9de71d85660c719ec8dc7f4aa1e680

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"2159-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 2159
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 nav-icon-sign-in-white.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
3 KB 95ms
95ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template243 /

Resource Hash

267abd7ab655fbe8dce0945f2c919ffa97632016ba963c01c6029e153a73edd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 27
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Fri, 24 Apr 2020 17:52:48 GMT
server: template243
etag: W/"3131-1587750768000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 3131
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 arrow-open.png
www.cutimes.com/assets/master-template/images/market-images/ 3 KB
3 KB 60ms
59ms Image
image/png 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

template51 /

Resource Hash

45343cff29b666c6d3c631c67b66b7e8da99c0f3f0a27cb085026e1d6aaadd2d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vnode: 28
date: Fri, 08 May 2020 19:02:11 GMT
last-modified: Thu, 30 Apr 2020 11:18:48 GMT
server: template51
etag: W/"2986-1588245528000"
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
status: 200
cache-control: public, max-age=14400
backend: templates_newlaw_director
accept-ranges: bytes
content-length: 2986
expires: Fri, 08 May 2020 23:02:11 GMT

GET
H2 200 virtual-financial-literacy-program-e1588961887356.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 10 KB
11 KB 98ms
98ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/virtual-financial-literacy-program-e1588961887356.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5db9900e3eea62b8838ec26aec3b1f05721f93cb6b2c317d50da06b863827b84

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 18:22:39 GMT
server: Apache
etag: "823508-26ac-5a52715115631"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209563
backend: contribsreimg_prod_director
content-length: 9900
accept-ranges: bytes
x-vnode: 28
date: Fri, 08 May 2020 19:02:11 GMT
expires: Fri, 22 May 2020 19:01:34 GMT

GET
H2 200 Virtual-Prom-e1588874702270.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2020/05/ 14 KB
15 KB 103ms
103ms Image
image/jpeg 104.111.216.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2020/05/Virtual-Prom-e1588874702270.jpg?profile=river-small

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.216.176 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-216-176.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bbf982f9ff9c87631a0962e9db639757d1050122f2a6f88a1c0c15ec8678cdda

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com
last-modified: Fri, 08 May 2020 18:02:48 GMT
server: Apache
etag: "826d1c-3766-5a526ce15f126"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
status: 200
cache-control: max-age=1209597
backend: contribsreimg_prod_director
content-length: 14182
accept-ranges: bytes
x-vnode: 21
date: Fri, 08 May 2020 19:02:11 GMT
expires: Fri, 22 May 2020 19:02:08 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 563C 0
0 149ms
48ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200408150205
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 08 May 2020 19:02:11 GMT
Age: 23880014
X-Served-By: cache-jfk8123-JFK, cache-hhn4021-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 4378891
X-Timer: S1588964532.704517,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7B0B 0
0 149ms
49ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200408150205
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 08 May 2020 19:02:11 GMT
Age: 23880015
X-Served-By: cache-jfk8123-JFK, cache-hhn4030-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 3770125
X-Timer: S1588964532.704969,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5017 0
0 147ms
49ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200408150205
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 08 May 2020 19:02:11 GMT
Age: 23880015
X-Served-By: cache-jfk8123-JFK, cache-hhn4046-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 3769684
X-Timer: S1588964532.704978,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 71AE 0
0 148ms
49ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200408150205
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 08 May 2020 19:02:11 GMT
Age: 23880015
X-Served-By: cache-jfk8123-JFK, cache-hhn4059-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 718661
X-Timer: S1588964532.708002,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 61BF 0
0 159ms
55ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/prebid/cutimes.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.cutimes.com/?slreturn=20200408150205
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 08 May 2020 19:02:11 GMT
Age: 23880015
X-Served-By: cache-jfk8123-JFK, cache-hhn4075-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 718678
X-Timer: S1588964532.718632,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Fri, 08 May 2020 19:02:11 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 26D2 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cutimes.com/?slreturn=20200408150205
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.cutimes.com/?slreturn=20200408150205

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 08 May 2020 18:02:03 GMT
expires: Sat, 08 May 2021 18:02:03 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3608
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 39ms
39ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020043001&jk=3689754404745591&bg=!h4SlhJxY9jpZAMKtiFoCAAAAY1IAAAAemQF3eu33OKjao0GBqKxLiL_EJVHkwggb-y4lpuZ0d2h-S7mTRxZbWkmLIUUJn3OueWKlY2HfRLYs0j18W0g_8GJDDjwLJlfczCsPcDUvvWb9ZAYp_LwCoJrKzokGTmrdEAV6VxcGlD6C-dSTrkuDd-z7Ix_q2uVWmReovDYB-SLuMNcE52zev5nkAzaUFenFMH9Pxy0sQeTkI_mXQytojdsoDYTwVunvlxIHe6hOKPjUOV8Lc85AnNUhFpPtC45ahNpwx1uOvbbLBVMzCH3dj6cjiEUN-eDv2gAFy5W-6St5SDiJsHQIYO_uCICTsX2b_DNwKpE7cHJYofT-uuqAWTY3WiFJLhbU9fvPYxvlTzUvFkkkJL5_avsGtVlKmztSCc-4kTnMlTMLshtLplt7IfySAsNXvWC0T-qz7GpssklXqvVbFvgG_ZWpZQeKFywEbZk3H6V4LDELOecc0F5KZ1dFrZ21BcLz46vo_fJPAHJYOSF9HzRd6sRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=5141&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=5132&an=1272&gi=1&gf=5132&gg=1272&ix=5132&ic=5132&ez=1&ck=1048&kw=830&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5132&bx=1272&ci=1048&jz=830&dj=1&aa=1&ad=5034&cn=1174&gn=1&gk=5034&gl=1174&ik=5034&co=1174&cp=1052&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4935&cd=1052&ah=4935&am=1052&rf=0&re=1&ft=5034&fv=1174&fw=950&wb=2&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Domsearch%20Late&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=557982456&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=5128&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=5122&an=1247&gi=1&gf=5122&gg=1247&ix=5122&ic=5122&ez=1&ck=1020&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5122&bx=1247&ci=1020&jz=812&dj=1&aa=1&ad=5018&cn=1143&gn=1&gk=5018&gl=1143&ik=5018&co=1143&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4923&cd=1022&ah=4923&am=1022&rf=0&re=1&ft=5018&fv=1143&fw=916&wb=2&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=760008053&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:14 GMT

GET
H/1.1 200
OK 0171f5aa8de500112f463a66ab2c00079003007100b08 Show response
visitor-service-eu-central-1.tealiumiq.com/alm/main/ 1 KB
1 KB 67ms
67ms Script
application/javascript 18.196.158.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-service-eu-central-1.tealiumiq.com/alm/main/0171f5aa8de500112f463a66ab2c00079003007100b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1588964534203
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.158.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-158-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 340e603c2e63b8c99f0e01935fb63fe49362cf248b11ecfedac7f756c6fce2ba

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Version: 6156e04cd506cc6f9c815630f04d9d8409201998-SNAPSHOT
X-Region: eu-central-1
Connection: keep-alive
Content-Length: 1041
X-NodeId: i-0f44716c48a9a973e
Content-Type: application/javascript; charset=utf-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
71ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529102&de=60947576214&cu=1588964529102&m=5338&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5134&cd=4&ah=5134&am=4&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720609&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=top2&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=156795155&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529285&de=625644736774&cu=1588964529285&m=5256&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5050&cd=3&ah=5050&am=3&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=834184964&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528975&de=960852247311&cu=1588964528975&m=5683&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5080&cd=116&ah=5080&am=116&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=d_footer&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1416905690&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529589&de=53512134608&cu=1588964529589&m=5103&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A50%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=5096&an=1254&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1052&kw=852&aj=1&pg=50&pf=50&ib=1&cc=1&bw=5096&bx=1254&ci=1052&jz=852&dj=1&aa=1&ad=4997&cn=1155&gk=0&gl=0&ik=0&co=1155&cp=1053&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4897&cd=1053&ah=4897&am=1053&rf=0&re=1&ft=4783&fv=941&fw=739&wb=1&cl=0&at=0&d=4523359581%3A2689792469%3A5361975301%3A138311485999&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=483009286&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:14 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 143ms
143ms Script
text/javascript 52.0.233.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=18252462%2C18600656&cl=1008&pixelIndex=0&r=411049&tzOffset=-120&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=8832881143639073590&_=1588964528164
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.233.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-233-94.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?member=827&add=18252462,18600656
https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656

43 B
1 KB

53ms
52ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.168:80
AN-X-Request-Uuid: 00f7c4ef-285b-467f-882d-c29af2d92bc9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 May 2020 19:02:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.50:80
AN-X-Request-Uuid: 290aa230-06ae-4c99-98b3-25c9eb43aa70
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fmember%3D827%26add%3D18252462%2C18600656
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=5084&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=5076&an=1225&gi=1&gf=5076&gg=1225&ix=5076&ic=5076&ez=1&ck=1010&kw=807&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5076&bx=1225&ci=1010&jz=807&dj=1&aa=1&ad=4977&cn=1126&gn=1&gk=4977&gl=1126&ik=4977&co=1126&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4877&cd=1012&ah=4877&am=1012&rf=0&re=1&ft=4977&fv=1126&fw=911&wb=2&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=222484662&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964530140&de=506798810127&cu=1588964530140&m=5283&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5078&cd=3&ah=5078&am=3&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top1&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=2109762852&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964530415&de=194890952964&cu=1588964530415&m=5265&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5058&cd=4&ah=5058&am=4&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720630&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=957308384&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&t=1588964528800&de=202274037502&m=0&ar=31f9dba90d-clean&iw=0dda269&q=33&cb=0&ym=0&cu=1588964528800&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4481724681%3A2255325031%3A4594036698%3A138226581719&zMoatMData=waiting&zMoatPS=footer&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=2058064270&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=ALMDFP1&hp=1&wf=1&vb=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&t=1588964528959&de=48527015079&m=0&ar=31f9dba90d-clean&iw=0dda269&q=34&cb=0&ym=0&cu=1588964528959&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&bo=21664827602&bd=21683639053&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&gw=almdfp680616975594&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2634%3A2634%3A0%3A2753&fs=180167&na=278503083&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:18 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
68ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=538&w=680&fy=452.5&gp=240&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528872&de=923444569658&cu=1588964528872&m=10200&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=240&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=10190&an=5132&gi=1&gf=10190&gg=5132&ix=10190&ic=10190&ez=1&ck=1048&kw=830&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10190&bx=5132&ci=1048&jz=830&dj=1&aa=1&ad=10092&cn=5034&gn=1&gk=10092&gl=5034&ik=10092&co=1174&cp=1052&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9994&cd=4935&ah=9994&am=4935&rf=0&re=1&ft=5960&fv=5034&fw=950&wb=2&cl=0&at=0&d=4855280310%3A2689503116%3A5361407714%3A138310457556&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=interstitial&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Domsearch%20Late&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1749701972&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=320&w=1400&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528911&de=163128926941&cu=1588964528911&m=10164&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=10157&an=5122&gi=1&gf=10157&gg=5122&ix=10157&ic=10157&ez=1&ck=1020&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10157&bx=5122&ci=1020&jz=812&dj=1&aa=1&ad=10053&cn=5018&gn=1&gk=10053&gl=5018&ik=10053&co=1143&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9959&cd=4923&ah=9959&am=4923&rf=0&re=1&ft=5923&fv=5018&fw=916&wb=2&cl=0&at=0&d=4855280310%3A2689503116%3A5360294550%3A138310458291&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=super_hero&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=2003704082&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529102&de=60947576214&cu=1588964529102&m=10373&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10169&cd=5134&ah=10169&am=5134&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720609&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=top2&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1103595538&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529285&de=625644736774&cu=1588964529285&m=10292&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10086&cd=5050&ah=10086&am=5050&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287718665&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle1&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1341103130&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=300&w=1180&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964528975&de=960852247311&cu=1588964528975&m=10714&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10111&cd=5080&ah=10111&am=5080&rf=0&re=1&wb=1&cl=0&at=0&d=4523117267%3A2248606997%3A4598612399%3A138226921347&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=waiting&zMoatPS=d_footer&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1080697351&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 72ms
71ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529589&de=53512134608&cu=1588964529589&m=10154&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=50&vx=50%3A50%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=10149&an=5096&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1052&kw=852&aj=1&pg=50&pf=50&ib=1&cc=1&bw=10149&bx=5096&ci=1052&jz=852&dj=1&aa=1&ad=10050&cn=4997&gk=0&gl=0&ik=0&co=1155&cp=1053&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9949&cd=4897&ah=9949&am=4897&rf=0&re=1&ft=5094&fv=4783&fw=739&wb=1&cl=0&at=0&d=4523359581%3A2689792469%3A5361975301%3A138311485999&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=1687313956&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 69ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964529992&de=518893648305&cu=1588964529992&m=10109&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=1&ag=10101&an=5076&gi=1&gf=10101&gg=5076&ix=10101&ic=10101&ez=1&ck=1010&kw=807&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10101&bx=5076&ci=1010&jz=807&dj=1&aa=1&ad=10002&cn=4977&gn=1&gk=10002&gl=4977&ik=10002&co=1126&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9902&cd=4877&ah=9902&am=4877&rf=0&re=1&ft=5078&fv=4977&fw=911&wb=2&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287613990&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=493094341&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:20 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 71ms
70ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964530140&de=506798810127&cu=1588964530140&m=10331&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10126&cd=5078&ah=10126&am=5078&rf=0&re=1&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138288014260&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=top1&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=331764740&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:20 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 70ms
69ms Image
image/gif 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=19&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ALMDFP1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&confidence=2&pcode=almprebidheader476420012280&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20200408150205&id=1&f=0&j=&t=1588964530415&de=194890952964&cu=1588964530415&m=10297&ar=31f9dba90d-clean&iw=0dda269&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8744&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2634%3A2634%3A0%3A2753&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10091&cd=5058&ah=10091&am=5058&rf=0&re=0&wb=1&cl=0&at=0&d=4523359581%3A2475441733%3A5175869470%3A138287720630&bo=21664827602&bd=21683639053&gw=almdfp680616975594&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21683639053&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21683639053&zMoatMData=1&zMoatPS=middle2&zMoatCURL=cutimes.com&zMoatDev=Desktop&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=180167&na=287118857&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.cutimes.com/?slreturn=20200408150205
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 May 2020 19:02:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 08 May 2020 19:02:20 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cutimes.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_ppvl%3Dcut%25253Ahome%252C14%252C14%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B%20s_ppv%3Dcut%25253Ahome%252C14%252C14%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B
			www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 3.02

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://store.law.com/Registration/js/overlayForm.js(Line 43) Message: Skip overlay, not logged in or using a shared account.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alm.demdex.net
b.law.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
collect.tealiumiq.com
datacloud.tealiumiq.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
geoip.alm.com
ib.adnxs.com
idsync.rlcdn.com
images.cutimes.com
images.law.com
match.adsrvr.org
mb.moatads.com
ml314.com
owlcarousel2.github.io
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
rules.quantcount.com
s.dpmsrv.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
static.chartbeat.com
store.cutimes.com
store.law.com
sync.crwdcntrl.net
tag.simpli.fi
tags.tiqcdn.com
tpc.googlesyndication.com
use.typekit.net
visitor-service-eu-central-1.tealiumiq.com
www.cutimes.com
www.dianomi.com
www.google.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
104.111.216.176
104.18.22.230
143.204.102.246
151.101.113.108
152.199.23.241
169.47.141.198
172.217.22.34
18.196.114.149
18.196.158.226
18.211.103.48
185.199.110.153
204.14.32.159
204.14.32.196
2600:9000:2156:2200:6:44e3:f8c0:93a1
2606:4700::6810:85e5
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2004
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2002
2a00:1450:4001:820::200a
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00:28c::25ea
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
3.123.209.152
3.125.70.222
34.253.109.165
35.181.91.36
35.241.8.149
37.252.172.38
52.0.233.94
52.16.75.38
52.212.177.60
52.222.182.102
52.35.37.246
52.37.206.171
54.77.250.219
66.117.28.86
72.247.226.64
91.228.74.147
91.228.74.169
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
053b481fad90fe69484c96c2118470ead0e1407efafb2610c06690ac4600a4af
082d6bf8473c5ff49f52c84a7ccca31f7f8568b3fad38ceda1e2d3a90d9f3453
083018544ecfdbe6462c83d2595a7253796352ca3df1d37bbe9cf674bee82fab
0b19fa3503195cb6a6bd07845d20a7c468fd2206fe2e1c0cb25f45ee4ed439eb
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d15439b05672163427711941e01c42e5d2804939f6098c4126c8fd2a653fe2c
0e40fbde1dbb4757342b655cc782db23c8f4844a0623a84643a349d52b6cda90
0f35c56292b93cc1a796bed46551c6b9f33677a83da02b338ecb5df46b93e657
12e8f013cc970ec40a44e65bf90795ac4f89ed7ea2540c241eee3552211ecbac
157b65bf0fd7a42f8eb07a26746450939571582436e5af9de1719156393ff463
1aeca74d2d21b251d364689ea6457590a1a6b13c6e71b8fb46a1fc22dd926c94
1b484d46c585707d69102873172a893ffabd34b2b7e17fedf7b19015dbf251a7
1d077456cce99706d145c446cf5daa1641bd1af43601e6836a2a9f6b2b525ead
1f47c9736b5dcf7cf5a6db4a56485d7e5b59e38dab3b34fb2a8778009540d6ff
1f7c684f90b0256ebca3c798abfb99d7a2be8904f45b536fc6aef8c1bcc4e97d
203c53e92c4994351bfcb37003059ba3a9bd041580a8271e7881f03bbc061fcf
211d9551bc948cff27e7ac0a189d4dc6389b3489b2e6ec7449d2d3c25e5a1ec3
2197e124a3df746df8b3f4ce400b0abf4bf0c1e6d60c527313dda7501b094b7d
235aac272e0838d325e6eca1393e82c72f47792a7ebf7f7e89805beb20327232
245d9d9f1946ab61eb6ae6ac0b4148df3083a4edbcb72b46b8d9f0e48f0b1804
249359ccc4668f4363abe91bc69cd38c22b0ecd528890d07fe821d74d5c7819f
2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
267abd7ab655fbe8dce0945f2c919ffa97632016ba963c01c6029e153a73edd0
26a445e5f69c9ee7552b52be4bf7293fd39ff7827562bc2d2a26aca7a2055142
2a1b7530e57c5c559b79e3e4b554a46dde3f0a3550adb8684547cd961086d41f
2ce08ba5cc3207e74cc36214fdac532d69aa6d6421c5a80fe2cb537cd757e0a7
2e568973c3881d93f73a9fc5ca7c03f3bf74f7000f1953ec8688cc0c1d7f55ce
30b311e412a9c417d2f590bb6df0767d4027bb82246ab38be83639e1cde87ac0
340e603c2e63b8c99f0e01935fb63fe49362cf248b11ecfedac7f756c6fce2ba
34675b04b03110612a6f27174fe1bbd12bcf63a88dd5e02d347c823005bcfab4
36c9fc6051d4a3d870934f3f78edcc4acaeb2b289453123baaccceaf125f4456
386304e8dcdc06a6474321865af2cd47cea2690e7f70223a364eaeaa45f9c74c
3dd944c54a0ef9f73a2010f03723410178a9557981baf24cb8e548dc4381bb4e
3e8ee14092586919b5ca348ed176e27b988cfee653a306a0fed55ef028cd156a
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
45343cff29b666c6d3c631c67b66b7e8da99c0f3f0a27cb085026e1d6aaadd2d
4544e0aa3094913220f0be32f284085d65a11e1c9574e961cb4c4bfba41d5db3
46a69b88df8dce5def5cf781098b96c0748ed4359bfe4e7e9047b4606ba91184
48475ab63a871b9496cc09459f2145277168d8bf2594b492636da76e45e7ba78
48afcf2159359562b897e9360bda265420882163484907fea1281b27d44f7fcc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf1d1ff0330f73813e85cbb90987316c0b0e3289b310d4d84dfc14d8fdfa219
4ddb6ea1b3f3a0beb4a0ffc83fa23ea7ada62d8088a7fa07095d2294c0e20acb
4efb9de16d92c008c1e987bf92e11d3244b53f10df3d0b57a0af2d0d2966bfbc
4f2155501b26bb5f3be67bfdf8b4bbf840f03aeb9e4da9d1785e81ab6047bac0
5026d17ae84f456a690aaf05d6bc2f5c89072b99f258dcfc9047a68e76517d2a
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
53bf2d496bb832031f296f4acd0d53a532b5e33128e9d535d620fa004b388364
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
558c7daa3a79598a30ae3cbfd9ccca29694bd9c9313ee51548725e239b7997bf
58ecc1cfaf2bd3805360ae09cb08f51468c60a0f5feffc8588706335f92da5e1
5d519a4b9bef676f4b753d7fb7e0c26a9f3bf2701ab714cee2edd6a7015a5e7f
5db9900e3eea62b8838ec26aec3b1f05721f93cb6b2c317d50da06b863827b84
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fcfe016fdfa44faab867329d353024c109f4456d71b83a6bd07af118f0e9994
60dcc87c0f24716469dce0f6b24a41d6f063ce531c9a3d246595e3c13e5c0df7
673ed4fb652a359877b6fbe3c54a41165183e576cc8fcbd32bd242e644a80240
6772af5acd245c94590334c0b6f9f80831e74972a4d7188d9476672c94b90de5
680de2a0e7d5cbd3cdf853ee5e5ec5a690c1caff54b1a668d234788a73bddaa6
6a3413de0fd72371878388d114a04a1fbb40eedf100aee33208302835106a22e
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
6c924b1448353c68240203f6609e28a4fee6b9c782110af9d19a9fe4a19cbb77
6dc5f104aef736b3b021ef1aac8a3cc4d88f584c1cbe5ce385b36e3e65399ef1
71589b103fe41e467a42d73570aa89f148b223837869fe205e0914f9e4cf530f
7227de0d9e8f205c525eaf4cd6e10284b0eb0c17869d75f5fb087d53383b9b79
741110231a909d22b216fa73bcbf089bb4eada11b50a42fd0a8a87b423e29cf7
74272a6b73d683700126c662697eb3178094747f29bfd974d641c54a7e5c8369
74fce48ac41d78d5b40cd3caa1611bdb56edb2c2a6b3ececa81ee8a20019e158
76778d76506e4223dc0a1a988c7b6b2e9b7f1ca71aedb65f87dd2f5ff5a4c6eb
7a1bc8cf49cf86b5a2be2e41b06cf866d0f6e9a20833358e2a0e7d084ef8d2c8
7dbdb6f19d55b45d058b4756241bbaef603f75742f242b71dfec808d47c208ff
7e01c1f46d29e8a778c9b2ae372f63fe76a2dc5c3629c441dcf52ea7b51190c0
7e25c42336afb738ec8101db2778da2920f32e4d15136ebe75099e243350ed81
804cb00d2b14680fda38abc9be709201bbc2ed1013e07d78fd380f352598efe1
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81201a3ad8d16a9aa237ebc805080098f751a52a526d8e2c61c64d0ffdce7e5a
84d927ab3b2e3a249e857799bfde603ddc95db0a3cf66bd8baf9171b0802cb87
87a85dd49446af6ecdfc0db0ebf7dc7f0f01313b5e65f01e8bac5573102cf0cf
89740d99a2b4b3e7c2c5e22a994be08a08f98a1b9d263c0f2716011c87c0d273
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8c5531fd8fdce78e880af8e0b0b8885f46abc01eb75eac80af0707f77bc24284
914e14616fe6c894e839cd9ec4cc183192dbcbb9314d41728865eec02916fc09
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
942397a1904cfbaab4f68e31b2f096786a9de71d85660c719ec8dc7f4aa1e680
943c47e42eff83d25675ef352e488d2e3aaf8c8af0f019a78d21339836a1f065
94ff1886b75337d9ecd8fd6c1ea51aee392e6013ac927b81a01fa62d7b79d08b
957b6486e240cefee02533e5cec51bbc9eb692d0f88d7d604eec3e390d34d2f2
9728131608f65fbd66c71d6c71fdabaeaade08aeeaf732c28f5fbccf020229f4
98b77b6ec808d5031798aa26307cf2a499dc9cbb8502dc9e2994e58aeb9e4e1a
993272d3782019ed91059a7ca0783dcbce2f7782e0a659dd3b411c0f2858153a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a71bca31948a063281244e1e3b9494999d94e4bf2fd2cf3f0fb193b88c09785d
aa4f2b1aa4590eb3d10455a1f0b0b5739efe3e4d5f8250ba56717aafd0ac5191
aba1fe2f9ce3031d9cd0ad8d6cb942f3780e880b900595468aef7b69ba1d19e5
abb263c59e57a3d1557c5b36005fd378d6bf935600d045529d867eb48912c245
ac71de30c877e460605763cd41797076e9451756ae0da9d71ac7856b1443f8de
ac8dfe4a1cee274583b3df67b449c4a884869361e59a05d1e0b8b4bb941049a8
b0ebf97f680b8301bc82409482a7eb23559f9527e3e7d0bc387fb45ddd5a268a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c99e84e985f3b99e9696c64b17feb7e1326c28c0544d17137a4446eddd1a4c
b270aa6ce374d95c46d8d34041614f747699021ed381db4c615d7cd347a38a8c
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
bbf982f9ff9c87631a0962e9db639757d1050122f2a6f88a1c0c15ec8678cdda
bf2be7a162ab08b7af9e7c65da41489e3758cc22e1fab98ac49a0ab69dcb3597
c1f61fda64b5029f6c902ea1b32d39423cb716bb9a842b13e8977de38600e0b3
c293a28e23c66b27bd04bc1742f3aab0ebf6c382961c1e83140f035a08ea5e5d
c4dea17a99279cc2521e9d359c6b4b01a3785454b994274a24357d133fb052b7
c4faa938416ca1bf56c11b9b2813ff288fde8e517771b16f2057b7b61972e6ac
c792edcf95c5273fa0522164050d34333c98674ee841fc088aca1f899a9795f4
ccbd5cc32673a888beb973dbc038e381b729328bda152613cc45866955e4c10e
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d787dcae4dfb46f36ba447b1b7b03c7c6c05d836841d1cf10586a1a2085c4102
dbd3483f6f9c915fc109b07c9fe03165822c80684d2ac8f63471c53becd0d4b8
dc282ca9f457e22786a89606796ba1db9f772d79ba57b1795b54e4c7a4729ed3
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e0aa97421774866118cdad4af1600a0d53b1012ee0f3f4f271ddf6fcf7eb35dc
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e36975baf636ee9b014d44e446a0207dc604d45f4f81c79aa4c6d3a637de0ae8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9cfa29fa86ce04673d24bcdcfcaccf4e9e6b29f81b64553b13952cddf7194ba
eaee0a79c1d64a9f2d190411fa9f748a92be7eb59e67489ecb6c1f8f3dc82768
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30137e3c92cd4ff1c55a6efe2c04d55a4154134fcf81af43629b5a7c4652a5f
f6a6d9ffa3bc3196469ca0a1ddff6dd8a5837423babdf00aa93059c0f81563dc
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fe8a303f45515da5cb98c3dc39ddcd39b6d8ed390fcd03d8377e60a16c7ec46d

www.cutimes.com Open in urlscan Pro 104.111.216.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

263 Requests

100 %HTTPS

33 %IPv6

33 Domains

51 Subdomains

42 IPs

8 Countries

3129 kBTransfer

7143 kBSize

2 Cookies

31 Outgoing links

Page URL History

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.cutimes.com Open in urlscan Pro
104.111.216.176 Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

100 %
HTTPS

33 %
IPv6

33
Domains

51
Subdomains

42
IPs

8
Countries

3129 kB
Transfer

7143 kB
Size

2
Cookies

263 HTTP transactions
10 data transactions