Submitted URL: https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGluZy1hdHRhY2stZXhwb3N...
Effective URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_...
Submission: On July 20 via manual from US — Scanned from DE

Summary

This website contacted 95 IPs in 10 countries across 67 domains to perform 414 HTTP transactions. The main IP is 2606:4700::6812:3b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com. The Cisco Umbrella rank of the primary domain is 382152.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2023. Valid for: a year.
This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 35 frames:

Primary Page: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Frame ID: 53A9860E7F539B1BFF3748D21C9BB4A5
Requests: 258 HTTP requests in this frame


Page Title

Phishing Attack Exposes Personal Info for 14,754 NIHFCU Members | Credit Union Times

Page URL History

  1. https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGl... HTTP 302
    https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?u... HTTP 302
    https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
    http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=9a6b0d6a-9c5f-424d-91e2-30051614eaa2... HTTP 302
    https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

  • Requests: 414
  • HTTPS: 93 %
  • IPv6: 32 %
  • Domains: 67
  • Subdomains: 113
  • IPs: 95
  • Countries: 10
  • Transfer: 3988 kB
  • Size: 10304 kB
  • Cookies: 91

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGluZy1hdHRhY2stZXhwb3Nlcy1wZXJzb25hbC1pbmZvLWZvci0xNDc1NC1uaWhmY3UtbWVtYmVycy8_dXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPXByb21vJnV0bV9jYW1wYWlnbj10ZWNoX2h1YiZ1dG1fY29udGVudD0wNzIwMjMmdXRtX3Rlcm09Y3V0/5ef20c09c907c3413055c95dE670b60b6 HTTP 302
    https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut HTTP 302
    https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946 HTTP 302
    http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=9a6b0d6a-9c5f-424d-91e2-30051614eaa2&source=https%3a%2f%2fwww.cutimes.com%2f2023%2f07%2f11%2fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2f%3futm_source%3demail%26utm_medium%3dpromo%26utm_campaign%3dtech_hub%26utm_content%3d072023%26utm_term%3dcut%26slreturn%3d20230620120946&debug=lawDomainIPWithRefRedirectAnon HTTP 302
    https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1689869389595 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1689869389595
Request Chain 85
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D198230%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230620120946 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D198230%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F2023%25252F07%25252F11%25252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%25252F%25253Futm_source%25253Demail%252526utm_medium%25253Dpromo%252526utm_campaign%25253Dtech_hub%252526utm_content%25253D072023%252526utm_term%25253Dcut%252526slreturn%25253D20230620120946 HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?id=1486297697844927826&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=198230&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Request Chain 116
  • https://cm.everesttech.net/cm/dd?d_uuid=15142237836033583333436617876535041447 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLlcTgAAANzPFANn
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1486297697844927826&pixelIndex=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=1486297697844927826&pixelIndex=0&google_tc= HTTP 302
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1486297697844927826&pixelIndex=0&google_gid=CAESENQ_N4pFrRF3Oh6pUNqXk5g&google_cver=1
Request Chain 137
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1689869390432%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230620120946%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&cookiesTest=true&liSync=true&e_ipv6=AQJsIjJma2L4tgAAAYl0EJZgYLuZZEZubY5LKOLd2GVFdunF4c5jm5cfdWfgQd5IolCbne8
Request Chain 145
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Request Chain 165
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Request Chain 190
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Request Chain 207
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946 HTTP 302
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Request Chain 221
  • https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/49c24b54/invisible.js
Request Chain 232
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=WVyO_Hw5ZnBWSlI1ZjlDUGZLUWtjZWhFU2NrcE9ZVm1OaVhPUkF1NWpZOVBiTjB0emVNUzhVMjRPdk55eXQxYU04bzZPMkJmTzM3cUtjTnVMU1A0dk91TWNrZC9kOEU3cUNGSlVVV0JFeWk3K01hSTlGM2ZEVVBIUlBpWUxZT2I1NUhtMmh0bCtqYTF4eEh6Z3hqUnY0dlB1Yy9OamRQMGVhWkU3QmRkekcvRG11MUs3bExwdllrQVp6Nmdua2RmT2JtSTBmSHB2U3pqRXFZQmxrUER0d3JaVGl3dStKWjFFRWV3VFVTK0c0NXp2YjRTWDJMRHUxbUN0aytJL2JLb0t3ZytSOW5vNlN2UXRHTkRnekdVZE5IQlF6Zz09fA&cppv=2
Request Chain 313
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14471-728x90-activefill-desktop-pixel&sz=1x1&t=&c=6142718339 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14471-728x90-activefill-desktop-pixel&sz=1x1&t=&c=6142718339&pre=1
Request Chain 317
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
Request Chain 318
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
Request Chain 395
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687996999021008493
Request Chain 396
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQKTljA8SYW9TEo-615igw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 399
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=785314841 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=05029396-303C-4985-BD4C-4A3EEB5E6283
Request Chain 400
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=05029396-303C-4985-BD4C-4A3EEB5E6283 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDQydlZhSkdPVjVTMm1MbGlGSTF2b2l5Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6587855707529586187&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDUwMjkzOTYtMzAzQy00OTg1LUJENEMtNEEzRUVCNUU2Mjgz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGqds2SIqNn4fLIUu8KSGKI&google_cver=1
Request Chain 404
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6587855707529586187
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHnRnLFgluelEKlPCo8D4HU&google_cver=1
Request Chain 406
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI4ZGQ3MDhmZmI5NDUwYTI3OWZhOTRmMWY0MGI4MzAxZWJiYzg0Mg
Request Chain 408
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBCLQW1-20-HDXC
Request Chain 409
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=26vejRDcSXe2zSozGIa66A&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=26vejRDcSXe2zSozGIa66A
Request Chain 410
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jt1WjVOAQyalK17qBERklQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jt1WjVOAQyalK17qBERklQ
Request Chain 411
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCQ0xRVzEtMjAtSERYQw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBXBuJW_ctC3Jq3pLnKbMP8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCQ0xRVzEtMjAtSERYQw==&google_push=
Request Chain 412
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ghTLj80UsXsRPAv4PRwpnMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hOGqICRE2oK8cSLTG7lPm22jd1.7.TFbHZ176g--~A

414 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request /
www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/
Redirect Chain
  • https://linkmktg.cutimes.com/click/32120067.20312/aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vMjAyMy8wNy8xMS9waGlzaGluZy1hdHRhY2stZXhwb3Nlcy1wZXJzb25hbC1pbmZvLWZvci0xNDc1NC1uaWhmY3UtbWVtYmVycy8_dXRtX3NvdXJjZT1...
  • https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut
  • https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-...
  • http://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=9a6b0d6a-9c5f-424d-91e2-30051614eaa2&source=https%3a%2f%2fwww.cutimes.com%2f2023%2f07%2f11%2fphishing-attack-exposes-personal-info-f...
  • https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=2...
67 KB
16 KB
Document
General
Full URL
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d505bfb6e138068c440dbb5d59df96078195f76b61ef0e2cb53d5f1d460b77
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
backend
templates_newlaw_director
cf-cache-status
DYNAMIC
cf-ray
7e9c78787a104d7a-FRA
content-encoding
br
content-language
de-DE
content-type
text/html;charset=utf-8
date
Thu, 20 Jul 2023 16:09:48 GMT
server
cloudflare
vary
accept-encoding
x-cache
MISS
x-frame-options
SAMEORIGIN
x-vnode
21

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7e9c7876fbe03a84-FRA
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 20 Jul 2023 16:09:47 GMT
Location
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Referrer-Policy
origin-when-cross-origin
Server
cloudflare
Transfer-Encoding
chunked
X-AspNet-Version
4.0.30319
X-Powered-By
Server #2
X-Robots-Tag
noindex, nofollow
rocket-loader.min.js
www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jul 2023 08:25:02 GMT
server
cloudflare
etag
W/"64b4fade-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7e9c787bbde04d7a-FRA
expires
Sat, 22 Jul 2023 16:09:48 GMT
fa-icons-lib.min.css
www.cutimes.com/assets/build/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12503
x-cache
HIT 7
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"4085-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bbde14d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
markets-lite.min.css
www.cutimes.com/assets/master-template/css/release/
221 KB
32 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60670bfa41fd1644a433674a62c5aff53afa2ae138dc05071b9dd4ab89bc21b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"226291-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bcde64d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:48 GMT
bootstrap-master-template.min.css
www.cutimes.com/assets/master-template/css/release/
105 KB
18 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12503
x-cache
MISS
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"107730-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bcde74d7a-FRA
x-vnode
145
expires
Thu, 20 Jul 2023 20:09:48 GMT
article.min.css
www.cutimes.com/assets/master-template/css/release/
29 KB
7 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/article.min.css?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f0de1d8895c746576eba91b82546a6b6f2ecaae43294fea315dda02d3d3b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 10
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"29741-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bcde94d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:48 GMT
falcon-ui.css
www.cutimes.com/assets/css/
771 B
412 B
Stylesheet
General
Full URL
https://www.cutimes.com/assets/css/falcon-ui.css?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
MISS
ntcoent-length
771
x-cache
HIT 87
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"771-1689243974000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bcdea4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:48 GMT
qkq4rhw.css
use.typekit.net/
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3d21bcee8e4e8f2c909c58ca56aaef23cec66be18425e0aec59ca80dceed4055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 20 Jul 2023 16:09:48 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
906
pagination.css
www.cutimes.com/assets/master-template/css/plc/
4 KB
1007 B
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/plc/pagination.css?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff14e7090beb60dd4d22391b76fc95426ee3a6946e5197b2a9131310315f833
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 10
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"4295-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bcdec4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:48 GMT
luminaries.css
www.cutimes.com/assets/master-template/css/market-css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/master-template/css/market-css/luminaries.css?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e1fb43b65e0e05a7cc842ee37b5497d4c4a55ae467f9a5c58de2d7b18e8b79
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 10
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"6995-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787bcded4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:48 GMT
nav-icon-mini-burger-white.png
www.cutimes.com/assets/master-template/images/market-images/
58 B
206 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=2855
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-mini-burger-white.webp"
content-length
58
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2855-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea9584d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/
362 B
507 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=3368
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-search-white.webp"
content-length
362
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"3368-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea95a4d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/
166 B
373 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3599c62e7f19c9428aa0622e6eae0cd2726d6569f4a1349045cba7da5a12768
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=1222
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="social-fb-white.webp"
content-length
166
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1222-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea95b4d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/
354 B
578 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3d957f38ee564d0cf89af1cdf6ce46dbe0c228bfb65bd4720445db5fefcf9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=1583
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="social-tw-white.webp"
content-length
354
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1583-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea95c4d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/
256 B
400 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=1413
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="social-li-white.webp"
content-length
256
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1413-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea95d4d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/
236 B
381 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=1322
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="nav-icon-sign-in.webp"
content-length
236
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"1322-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea95f4d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
ALM_Credit_Union_Times_white.png
www.cutimes.com/assets/master-template/images/market-images/
2 KB
2 KB
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=4365
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="ALM_Credit_Union_Times_white.webp"
content-length
2078
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"4365-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea9604d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
mini-home-white.png
www.cutimes.com/assets/master-template/images/
132 B
294 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/mini-home-white.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31d2dfc1978d5fe95f0e110bcd134a79a05c8d420e4df70165fe377b3d691c5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=2927
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="mini-home-white.webp"
content-length
132
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2927-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ea9634d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
reprints-permission.png
www.cutimes.com/assets/master-template/images/
378 B
576 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/reprints-permission.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04bcbf22aed03a8ea72525562e6a2c181a6781c856bf5208f4399a98cf54f02f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5116
cf-polished
origFmt=png, origSize=2435
x-cache
HIT 2
backend
templates_newlaw_director
content-disposition
inline; filename="reprints-permission.webp"
content-length
378
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"2435-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c787ed9b04d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
account-hacked-e1556042539566.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2019/04/
39 KB
39 KB
Image
General
Full URL
https://images.cutimes.com/contrib/content/uploads/sites/413/2019/04/account-hacked-e1556042539566.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa8211790c5e7d1d331736c393cce99a527b011528c8c584bef0bc564b7a80f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
cf-cache-status
MISS
x-cache
HIT 24
backend
contribsreimg_prod_director
content-length
39757
last-modified
Tue, 23 Apr 2019 18:02:19 GMT
server
cloudflare
etag
"611c2b-9b4d-5873662cf8b4c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7e9c787ed9b44d7a-FRA
x-vnode
145
expires
Thu, 20 Jul 2023 20:09:49 GMT
styles.css
www.cutimes.com/assets/multishared/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://www.cutimes.com/assets/multishared/css/styles.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49d90c0bc600472597b63efba08cf2f84214cb16b7f3df6487fe4a4b32c4bb3c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12502
cf-polished
origSize=18019
x-cache
MISS
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
minify
server
cloudflare
etag
W/"18019-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787e99534d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:48 GMT
email-decode.min.js
www.cutimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
727 B
Script
General
Full URL
https://www.cutimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jul 2023 08:25:02 GMT
server
cloudflare
etag
W/"64b4fade-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7e9c787ea9564d7a-FRA
expires
Sat, 22 Jul 2023 16:09:48 GMT
moatheader.js
z.moatads.com/almheader466656885399/
0
90 KB
Other
General
Full URL
https://z.moatads.com/almheader466656885399/moatheader.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:43 GMT
server
AmazonS3
x-amz-request-id
2EAS5Z5T6B025Z5M
etag
"e54b279649ed01ece87834a2fc334f19"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=44934
accept-ranges
bytes
content-length
92046
x-amz-id-2
CiLbogCNkI0xYZ0nVgp+Gwd605tYUCncePzRnXs6f0Dt8gKbmB/MDnsDRtlRSDLAZ+gcnK33AhY=
qkq4rhw.css
use.typekit.net/
0
1 KB
Other
General
Full URL
https://use.typekit.net/qkq4rhw.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 20 Jul 2023 16:09:48 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
906
bootstrap-master-template.min.css
www.cutimes.com/assets/master-template/css/release/
0
18 KB
Other
General
Full URL
https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12503
x-cache
MISS
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"107730-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c787ed9b14d7a-FRA
x-vnode
145
expires
Thu, 20 Jul 2023 20:09:48 GMT
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=qkq4rhw&ht=tk&f=139.169.175.5474.25136.14541.14546.14548&a=702529&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
hash-0.png
www.cutimes.com/assets/master-template/images/
6 KB
7 KB
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/hash-0.png
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deee22321901c58c6baa27ad470951c2eff83eb98baa4e7f4d681e4d2905c54
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
5115
cf-polished
origFmt=png, origSize=22074
x-cache
HIT 1
backend
templates_newlaw_director
content-disposition
inline; filename="hash-0.webp"
content-length
6550
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"22074-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78806bc04d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
CU_Times_Career_Center_Banner_ad_300x250.jpg
imageserver.amlaw.com/images/
34 KB
34 KB
Image
General
Full URL
https://imageserver.amlaw.com/images/CU_Times_Career_Center_Banner_ad_300x250.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ffd206df712f0040df33bbe4b7370847881beaaf156dbf7a67a422152c9224ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 17 May 2023 13:09:42 GMT
server
cloudflare
age
6516
etag
"1b4547d8c088d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7e9c78811c3c1ad7-FRA
content-length
34323
expires
Thu, 20 Jul 2023 20:09:48 GMT
CUTimes-300x250px.jpg
imageserver.amlaw.com/images/
35 KB
36 KB
Image
General
Full URL
https://imageserver.amlaw.com/images/CUTimes-300x250px.jpg
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
88270e4eb75a854c6d013630f78952e5662a30fdf804fe44241ecd9dcdb243a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 28 Feb 2023 14:55:34 GMT
server
cloudflare
age
6516
etag
"bc7222b6844bd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7e9c78811c3e1ad7-FRA
content-length
36042
expires
Thu, 20 Jul 2023 20:09:48 GMT
l
use.typekit.net/af/827015/000000000000000000011c3b/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18468
l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"0373618e2db17cca6330e4b11556968310f08eb7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33856
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32384
l
use.typekit.net/af/2553b3/000000000000000000011c34/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19288
l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a452 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

Request headers

Referer
https://use.typekit.net/qkq4rhw.css?2023-07-20-12
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
server
nginx
etag
"70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19412
fontawesome-webfont.woff2
www.cutimes.com/assets/master-template/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.cutimes.com/assets/master-template/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
cf-cache-status
HIT
age
295113
x-cache
MISS
backend
templates_newlaw_director
content-length
77160
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"77160-1689243974000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78807bdf4d7a-FRA
x-vnode
21
expires
Thu, 27 Jul 2023 16:09:48 GMT
bootstrap-master.min.js
www.cutimes.com/assets/master-template/js/release/
25 KB
7 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/bootstrap-master.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25aad21e410b837b04e08e1bb2f54ef9887585cd46a894c8fc00e8e2dcb45a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12502
x-cache
HIT 5
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"25286-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc674d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
sponsorships.js
www.cutimes.com/assets/multishared/js/
1 KB
604 B
Script
General
Full URL
https://www.cutimes.com/assets/multishared/js/sponsorships.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 74
backend
templates_newlaw_director
cteonnt-length
1454
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"1454-1689243974000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc714d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
jquery.history.js
www.cutimes.com/assets/js/core/
21 KB
7 KB
Script
General
Full URL
https://www.cutimes.com/assets/js/core/jquery.history.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 10
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"21571-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc734d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/
18 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
595722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6463
last-modified
Fri, 28 Aug 2020 22:36:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f4986fd-48b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKJM8nhUcN5QKPkBFax6M7zXaP3E1UTkHDkvEEtktflKnEp%2BRp0YE49%2BcdJcsusgToPIxUqr6SarlzPuA%2BgBKFSkVpt8gS3wZ8llI8fy%2BC2D9ztC9VrUpXCztlGj628UV%2BrRbBebqBtv7tzuspBW%2BJ%2Fz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e9c78816fb81e33-FRA
expires
Tue, 09 Jul 2024 16:09:49 GMT
jquery.touchSwipe.js
www.cutimes.com/assets/js/core/
66 KB
16 KB
Script
General
Full URL
https://www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"67916-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc754d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
tealium.js
www.cutimes.com/assets/master-template/js/
5 KB
1 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/tealium.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc1ae951839c9630aad94142f6632c437aff325b6581fb0da2e32a1abd1db1e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"4833-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc774d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
overlayForm.js
store.law.com/Registration/js/
14 KB
4 KB
Script
General
Full URL
https://store.law.com/Registration/js/overlayForm.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.226.82.212 Brooklyn, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / Server #1
Resource Hash
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 16:09:39 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
ClientProtocol
https
Last-Modified
Wed, 19 Jul 2023 22:40:48 GMT
Server
Microsoft-IIS/8.5
ETag
"058f7f92bad91:0"
X-Powered-By
Server #1
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public,max-age=900
Accept-Ranges
bytes
Content-Length
3647
common.min.js
www.cutimes.com/assets/master-template/js/release/
53 KB
14 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/common.min.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 8
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"54571-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc794d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
luminaries-rmr-tab.js
www.cutimes.com/assets/master-template/js/sbm/
3 KB
729 B
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/sbm/luminaries-rmr-tab.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1464e33b6ab1590344b0611e1cceb0b144a2f53333b81b3000dc019c69f0c8c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"2698-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc7b4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
olytics_dfp.js
www.cutimes.com/assets/master-template/js/
6 KB
2 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242f7a4cf3f1ca8be2a2fc2f5c2bdc24c51ac07076718f07763b20a1f7d0931c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"5676-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc7e4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
hide-article-image.js
www.cutimes.com/assets/sites/sbm/js/
731 B
471 B
Script
General
Full URL
https://www.cutimes.com/assets/sites/sbm/js/hide-article-image.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4fb2954bc2129533ffd10d39909549ad56a10907252158460e91642a8066221
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
ntcoent-length
731
x-cache
HIT 62
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"731-1689243974000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c7880dc804d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
jquery.stickit.min.js
www.cutimes.com/assets/master-template/js/release/
10 KB
3 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/jquery.stickit.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aff5614a231508d127ef71ee9cfeb2a3d24a42ae8aff6dd09305a822b480f1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12502
x-cache
HIT 4
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"9949-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c78811cdb4d7a-FRA
x-vnode
27
expires
Thu, 20 Jul 2023 20:09:48 GMT
article-share-tools.js
www.cutimes.com/assets/master-template/js/
12 KB
0
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/article-share-tools.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"11798-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c78811cdd4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
master-article-functions.js
www.cutimes.com/assets/master-template/js/
14 KB
3 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/master-article-functions.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34377483ff3aa917edd6efc5adef60b169de3b576b2dce9627b22f0392059b7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"14150-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c78811cde4d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
lazyloadXT.min.js
www.cutimes.com/assets/master-template/js/release/
3 KB
2 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
br
cf-cache-status
HIT
age
12502
x-cache
HIT 6
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"2937-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c78811cdf4d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:48 GMT
moatheader.js
z.moatads.com/almheader466656885399/
258 KB
90 KB
Script
General
Full URL
https://z.moatads.com/almheader466656885399/moatheader.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fd2704988e75a4899b9bf6c42893ff16be17c50b5920ab9674fd7a97871358aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:48 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:43 GMT
server
AmazonS3
x-amz-request-id
2EAS5Z5T6B025Z5M
etag
"e54b279649ed01ece87834a2fc334f19"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=44934
accept-ranges
bytes
content-length
92046
x-amz-id-2
CiLbogCNkI0xYZ0nVgp+Gwd605tYUCncePzRnXs6f0Dt8gKbmB/MDnsDRtlRSDLAZ+gcnK33AhY=
hbyb.js
cdn.yourbow.com/alm/cutimes/
372 KB
373 KB
Script
General
Full URL
https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.141.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.141.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94bd8b828002f39cf37f40e1e740b4b6ce321465ba9f01c1cbb0100ce9a6736f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:07:57 GMT
age
112
x-guploader-uploadid
ADPycdvl04NPxkHRjbxSt-hleF7VWhDoP0TZdOQL5uatUCwwdusYjPhR_3TKiZZL0AwkGdEcjkhOK2zr3cVeK3ZjNN0JEA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
381396
last-modified
Fri, 30 Jun 2023 21:42:05 GMT
server
UploadServer
etag
"f600533caf983ce4d076a838d4762e10"
x-goog-generation
1688161325754108
x-goog-hash
crc32c=ciPV9g==, md5=9gBTPK+YPOTQdqg41HYuEA==
content-type
text/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
381396
accept-ranges
bytes
bombora-rtvi.js
www.cutimes.com/assets/master-template/js/
1001 B
648 B
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
cf-cache-status
MISS
x-cache
HIT 74
backend
templates_newlaw_director
cteonnt-length
1001
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"1001-1689243974000"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c78811ce04d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:49 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/
11 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2995670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3592
last-modified
Thu, 25 Jun 2020 01:22:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ef3fc71-2b0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kzME5wFSvUmk8pn5jLc7lBpuaCIzvHKhGODuIlZWnLh8Zrb2L93YnfPK0k50Fu9NY5RMrL8YaRaL00PHKcXPQp93cFBvIF2PocKEyovTDZRhgBrnE9ktGpnF7t%2BXlT9zvrWASQLPjHeH2Z%2B311wCvaj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e9c78816fbe1e33-FRA
expires
Tue, 09 Jul 2024 16:09:49 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3002405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcMPnoRHwkZ%2FcSNGiQUNV16%2FOyDUEfj%2BYKCJZSsbR3EMIpcyZCdu%2FvbTdK6vr5eGQ%2B5AXkGHizkOajqylvwqfrwfZmbxTcpyye2j2DJxvYopcBbAwYR8OssRZ%2F%2Ba1GnIUAryjGbUYJB3xaFtbIs50reF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e9c78816fc01e33-FRA
expires
Tue, 09 Jul 2024 16:09:49 GMT
/
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
0
0

webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 08:40:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jul 2024 08:40:47 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Fetch
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 15:22:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jul 2023 16:09:49 GMT
v2
mb.moatads.com/yi/
249 B
423 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHN3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WxEoYX5EcAEJWg%3D%3D&sc=1&os=1-uA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pcode=almheader466656885399&rx=32716902750&callback=MoatNadoAllJsonpRequest_14904812
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.242.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-242-168.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
32cf282a6609c0547a2b54c1ecf34dd920b5ffdd699a57a982053c7e45ea0ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"61ae77f0d7456aa374cfa1e5419f82caf4e2ba1f"
content-length
249
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/
86 B
259 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8jKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PHN3MCkutXpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-WxEoYX5EcAEJWg%3D%3D&sc=1&os=1-uA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1689869389243&de=839585718591&rx=32716902750&m=0&ar=c013c52fed3-clean&iw=ac9d704&q=1&cb=0&cu=1689869389243&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&d
fp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A3196%3A3196%3A3484%3A3183&fs=204627&na=904737473&cs=0&callback=MoatDataJsonpRequest_14904812
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.14.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-14-248.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
6dbc181be5382f742b2a8a27d6c4aa03b28d7e8716e30f19f70cb7b88e637399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"9c3ee2bde11c32e7f3584580916ea68279ddba8e"
content-length
86
content-type
text/html; charset=UTF-8
iframe.html
z.moatads.com/hd09824092/ Frame 50C9
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1393
content-length
1374
content-type
text/html
date
Thu, 20 Jul 2023 16:09:49 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id
A3423FE5772816F0
apstag.js
c.amazon-adsystem.com/aax2/
244 KB
60 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 15:11:44 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 19:22:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
3486
x-amz-server-side-encryption
AES256
etag
W/"4c32a3d3ddb526b72e7dd25429eaaa2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
t2IGkR4VT2DjL75slCQRRo1dz992zyoQeCO10iMlg236qwTz8fdbcQ==
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/
250 KB
65 KB
Script
General
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0ec6b927b371fe810fa20ec9b5c7a67520672a6123b29cfa8508cedc99c3f428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
6419
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 02 Jun 2023 00:54:56 GMT
server
Apache
etag
W/"256386-1685667296000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-id
m2aY6lqxc9PmJ88byPJe7z_DROQTjEB4ze0wHjVm_oikF7rfHfvczw==
expires
Fri, 07 Jul 2023 08:22:08 GMT
utag.js
tags.tiqcdn.com/utag/alm/main/prod/
132 KB
35 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64e8f1e333629dd9437bdafe98e339b83b4eac07666b8188c55895c6566a9685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
dtV7cOtWElfkyordImmKBLEfVzUOxlTA
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:05:52 GMT
last-modified
Thu, 13 Jul 2023 15:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
238
x-amz-server-side-encryption
AES256
etag
W/"ff5349737e1467b5d0866ea5a0ee3634"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
prONSFaWwNu7h-IyhG9lhjmxZOh4vGTgSnWRHtdKmkNsvzMgASGapA==
smart_cutimes.epl
www.dianomi.com/ Frame FDE8
795 B
448 B
Document
General
Full URL
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab43f2c2e647035d6a708a00b4396b24e71077aefed99d89094a11eba4ca22c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7e9c788449c492ad-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:09:49 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smart_cutimes.epl
www.dianomi.com/ Frame 0EE3
795 B
676 B
Document
General
Full URL
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7af805d989643087ea301fdbb521ed31a16f4c858371f9bbac53c93666c288f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7e9c788459c792ad-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:09:49 GMT
expires
now
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
s.dpmsrv.com/
353 KB
29 KB
Script
General
Full URL
https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37f9ccc65813b5f0a5c3e6c603cac19c9648615fc5c20824eaf088bb74376da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Wed, 19 Jul 2023 17:50:18 GMT
Content-Encoding
gzip
Via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Last-Modified
Wed, 19 Jul 2023 17:50:12 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
80372
ETag
"2a12d6977f8f9c6f5d08531eb952c953"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29282
X-Amz-Cf-Id
gCQiEUIq0OqWLdlkF7XSXWUAWXnFC2ijSNdL32iVUzaJEAcv6LgDpQ==
get
vi.ml314.com/
264 B
388 B
Script
General
Full URL
https://vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.104.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
via
1.1 google
date
Thu, 20 Jul 2023 16:09:49 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
539 KB
158 KB
Script
General
Full URL
https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fc8aab911feb47f488a53f5a27e995b8efa25110345c22cbccb34cf095eac26d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare
x-powered-by
Express
etag
W/"86be1-IVmgeF5XEzmUkuMeIbsq0l70xUA"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7e9c7883cf209963-FRA
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 02:30:05 GMT
x-content-type-options
nosniff
age
481184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 02:30:05 GMT
config
c.amazon-adsystem.com/cdn/prod/
1 KB
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cutimes.com&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d9185c606398d40a48d24ef32c1c7ab20c472390b5ed9daa2e190c9b2eaba492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 13:50:28 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
8360
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1112
x-amz-cf-id
mdQXUfqmA-oFY6zQJ25J1jSQMDxCZronqP8-hTDZt1H1Kow-bHZIAw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 08:12:40 GMT
x-amz-cf-pop
FRA56-P3
age
29875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
OTdV81I7EImuqDdj3dRERO3E_DmC6uukgvarqh8m7Vt-YIGQ6fI31Q==
utag.119.js
tags.tiqcdn.com/utag/alm/main/prod/
11 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202305251732
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01c439c54e599fe885c53fecad21b7273843dd035e2d7ab998e4c2581900d361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
xZbKhcy704iWtE8NEx7.Dep.VcO1_8I8
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:09:50 GMT
last-modified
Thu, 13 Jul 2023 15:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"4c993fccc7edae01bd552a9c1663fc2d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
DwSnnrws0z6etQ3rgZrKPC2acZxYwYHyqm1bg-FDUkHYNMqGhyq8sg==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1689869389595
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1689869389595
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1689869389595
Protocol
HTTP/1.1
Server
52.213.166.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-166-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
215627e87a5a7fcb308f7a77c698db211786c4617db8d72aac01c1b8d73e7440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-05e724381.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
gyde0Aq3TfY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cutimes.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
304
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-04c10efb4.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
tnKIOIjqR3M=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.cutimes.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1689869389595
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.26.js
tags.tiqcdn.com/utag/alm/main/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c70235e175c45d743d92a816f5aec6d77fff3fdc834c5bd4ada31a728009553d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
n90_RkckJ8Ay7AC7qSjukch3QeSECTol
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:09:50 GMT
last-modified
Thu, 13 Jul 2023 15:57:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"6346258af0c82ffb6bb6cd750bcce6c6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
cgcJptbc9Lh82caOe1j_H7gd_jKBKo8ZpemG6IZc6z427FXOJzo55w==
utag.78.js
tags.tiqcdn.com/utag/alm/main/prod/
113 KB
34 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.78.js?utv=ut4.49.202307131556
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8284a9ccfdf84c574e0e3485c78f0ec8b751f0924e0dd73996270432610f23c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
RI_DhTC1sEjI5ZNWAr3262sgk7f7eGZp
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:08:35 GMT
last-modified
Thu, 13 Jul 2023 15:57:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
75
x-amz-server-side-encryption
AES256
etag
W/"6e6dba5a6a82258f81f8b6ef88207382"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
GcdUnLsAKvbhpyYrrb1xa2ffQ_KtGkXQkoMhpmCMH1wiakbWpeKMIw==
utag.115.js
tags.tiqcdn.com/utag/alm/main/prod/
13 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.115.js?utv=ut4.49.202006181642
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9ca815d1d2346468af9c775cf9568b8c0bb6c365f8c52d00fd78709e6b1a5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
xCeSTdmg3ts844.8j7kcXK0W5a85Kdwb
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:05:34 GMT
last-modified
Thu, 13 Jul 2023 15:57:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
256
x-amz-server-side-encryption
AES256
etag
W/"b85bde9a57e2158af4343b66b27b1133"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
2Dx3BuNcWJTYKRMouLcEa3yC3UQzBBKp6iR1ZLMziJ4dF0ioWrhWTw==
utag.116.js
tags.tiqcdn.com/utag/alm/main/prod/
13 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.116.js?utv=ut4.49.202006181642
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28f9a5523d376d7a399bd4794568826eedc5db82f804b13f9030ca1e21b65850

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
VzokWVKHYoHsznnV2CX.RCNFkxBKT.Je
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:05:34 GMT
last-modified
Thu, 13 Jul 2023 15:57:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
256
x-amz-server-side-encryption
AES256
etag
W/"b5a92e8b95b937ba7ae74d13f02685ab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
9VgUOlhhOUdpagYBgTr8e-1wSFIZ1i2SqRVK3xEuXtrkSdLeIdZXvQ==
utag.91.js
tags.tiqcdn.com/utag/alm/main/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.49.202208181401
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88355372063409f3eeeae5adf182c7c0210255e49497c5bec5b213188bb222a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
3qMSh6w2V.Xt51rg075d2tJyVuxu2TpX
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:09:50 GMT
last-modified
Thu, 13 Jul 2023 15:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"8cd0d5c8765555578d629c58a14f4f59"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
PrcUYIQcgXGhJ72LZ0St-Gl83hbrZMiVEm9Jcckb_jZumOpMt_U1Iw==
utag.110.js
tags.tiqcdn.com/utag/alm/main/prod/
14 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3983d770263365a5b519a47da23d7cf8f3fb94eb9a8e1f39407fc595d98487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
pJw2OL7b1Ccw2xHfZFzaqGtsY5ulao4_
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:08:47 GMT
last-modified
Thu, 13 Jul 2023 15:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
63
x-amz-server-side-encryption
AES256
etag
W/"1d7fa0a177c80de3814d8de0e6582691"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
uJ3eWQXcOt-DflEEK6RecgtuWaXxqKEW4J5TD2Bf-Gd3-mG5y8RxIA==
utag.112.js
tags.tiqcdn.com/utag/alm/main/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdade80ef3c3afbcca324a570378a4e0f4d100a69cfbf8121fd14604ad1dfd35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
OTBL4vvykSfl7fQpt0mvc0rQY5SRFNPT
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:05:33 GMT
last-modified
Thu, 13 Jul 2023 15:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
266
x-amz-server-side-encryption
AES256
etag
W/"70b0fddc41c88f5093725d24e8d57be7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
fxoBl2L4HJRhuW8CJ14TXOhFcTFaquM5z9QIT8r3a3GxzSmsYzVYQg==
utag.133.js
tags.tiqcdn.com/utag/alm/main/prod/
22 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.133.js?utv=ut4.49.202306261948
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04480e4261eb916539cea2887d835cdb4b36e75dffa53c678e9d2d9391163773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
PD2Jte8bd2Uhtbpu77blMMa_4V8yYnqv
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:05:46 GMT
last-modified
Thu, 13 Jul 2023 15:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
266
x-amz-server-side-encryption
AES256
etag
W/"a43775a82a29982bc44a0dc67c8b517f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
klYz8a1ur2Dxorv-XW1jnh5VQd_OZhiL8_S7H3-V4fdY_PC1vKV1Ew==
utag.97.js
tags.tiqcdn.com/utag/alm/main/prod/
10 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dba94d51a267c7eb9cf17bb490de15e92c9a576e719c50ec8ee61cf9ca97dd6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
KOU2gS88twpNmTif7Wb_p9U0IYea8lYj
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:05:46 GMT
last-modified
Thu, 13 Jul 2023 15:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
266
x-amz-server-side-encryption
AES256
etag
W/"9fb1e31e281664c98a46f2efc527bd0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
1KEYCagZaCpwVoe5b58c3CxR8Yo91jlx9Tb9mppFl4EWbist7WUh3Q==
utag.127.js
tags.tiqcdn.com/utag/alm/main/prod/
2 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.49.202302070009
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fddef57d600ce7b6e76d922a3e793f0b5c1694ad65dedc2a9fd140c2f4fbdbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
LuzmNdgFfDFpvqR4S6dd2pOgUr6.CXgM
content-encoding
br
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 16:09:50 GMT
last-modified
Thu, 13 Jul 2023 15:57:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
etag
W/"e4d399fe2302e714109609bb1bb907ac"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
P5bSsedwPd4RCN4pCr3EcZpDGQmaUksBucxrzDaKdMsshuUKUKBCTA==
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D198230%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%2...
  • https://a.dpmsrv.com/dpmpxl/index.php?id=1486297697844927826&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=198230&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-expos...
247 B
997 B
Script
General
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?id=1486297697844927826&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=198230&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
HTTP/1.1
Server
52.23.72.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-72-57.compute-1.amazonaws.com
Software
/
Resource Hash
55d50fd95fac9af9be19cef115f2e2a46a9329ebdf8458d8bcad55d2086e2c38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
218
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:49 GMT
an-x-request-uuid
67af22f5-0f3a-4ba9-8b99-1d5b33eb4141
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://a.dpmsrv.com/dpmpxl/index.php?id=1486297697844927826&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=198230&tzOffset=0&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 20 Jul 2023 16:24:49 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 20 Jul 2023 16:24:49 GMT
olytics
oqs.omeda.com/oqs/rest/ Frame
0
0
Preflight
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Thu, 20 Jul 2023 16:09:49 GMT
Keep-Alive
timeout=5
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50454
x-xss-protection
0
server
cafe
etag
11145132637847916067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:49 GMT
olytics
oqs.omeda.com/oqs/rest/
15 B
359 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 20 Jul 2023 16:09:49 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
15
X-XSS-Protection
1; mode=block
004f0c7b-bf8b-47d2-8be0-05c28168b37d
cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/
25 B
346 B
XHR
General
Full URL
https://cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/004f0c7b-bf8b-47d2-8be0-05c28168b37d
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
fc1d6e177f0a93623a64d3db5c13f5aba3b47a22dfac2a92daf9b2b9b574aed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 16:09:49 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
25
X-XSS-Protection
1; mode=block
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame 0EE3
49 KB
14 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26bd65c9dd2fadc88dd5544f27a8bcbca3c2aa1850eead6a38dc8212cf504fea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
17
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:37 GMT
server
cloudflare
etag
W/"c42d-600ea781b8280"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7e9c78858af592ad-FRA
expires
Thu, 20 Jul 2023 16:11:49 GMT
tcfredirector.js
www.dianomi.com/js/contextfeed/ Frame FDE8
49 KB
14 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed/tcfredirector.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26bd65c9dd2fadc88dd5544f27a8bcbca3c2aa1850eead6a38dc8212cf504fea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
17
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 20 Jul 2023 12:41:37 GMT
server
cloudflare
etag
W/"c42d-600ea781b8280"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7e9c78858afb92ad-FRA
expires
Thu, 20 Jul 2023 16:11:49 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/
98 KB
33 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-84.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:02:42 GMT
content-encoding
gzip
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
428
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
sAQ9Q2uravu2mrIrWWJu8nCmXDXkZSKkBPYt0P2z-kNInsNzI9JF7Q==
tag.aspx
ml314.com/
31 KB
11 KB
Script
General
Full URL
https://ml314.com/tag.aspx?206
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 15:39:47 GMT
content-encoding
br
age
1802
x-guploader-uploadid
ADPycds6f1zyf-uczr1c_lPWb9a4lxN8SpoxOhVhye81BFGKILoZFMlierMFCn_TN1NaPp-LisM7H07XHrFE8eZEovxAlvNaf-F8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10523
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
FRA-fa985ced
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
js
www.googletagmanager.com/gtag/
181 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-826604080
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1462a0162c42f711454ccaf99bb5fd8aef98f3ba33e44ae1aca8f43c1cbda86b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67698
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Jul 2023 16:09:49 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230071-FRA
fbevents.js
connect.facebook.net/en_US/
171 KB
47 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e22de2f3daa81640b661557e04b0078e450dca1b4ac96005d657c6bc2f3ec28
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Jul 2023 16:09:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46993
x-xss-protection
0
pragma
public
x-fb-debug
mGwT9YPtaIFR4PI+ZclAmNK+/QfOifBwDX5JYTbE2GfCFDdhexV0g+q24UyLD9e0fPKQdelZSyFs2sQ6lKjsTg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202103192340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 18:38:47 GMT
content-encoding
gzip
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:35:23 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
77462
etag
W/"649b804b-9482"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
woxQYvwwRf6HmJE--aJ8BA41E3G1ZFttocYssG3SwnUPtA-TQNuMQw==
expires
Thu, 20 Jul 2023 18:38:47 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 20 Jul 2023 05:30:25 GMT
Server
PardotServer
etag
"15f4-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1988
expires
Sat, 19 Jul 2025 16:09:50 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 20 Jul 2023 16:24:49 GMT
utsync.ashx
ml314.com/
62 B
309 B
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pv=1689869389832_y9oounw7b&bl=en-us&cb=1225134&return=&ht=&d=&dc=&si=1689869389832_y9oounw7b&cid=News%7CCybersecurity%20and%20Privacy&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:49 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
adsct
t.co/i/
43 B
378 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=48ad239d-a09b-4513-9470-c52b08ad13db&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7ee04900-04ea-4750-b64c-c0c3176dadec&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-response-time
116
date
Thu, 20 Jul 2023 16:09:49 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
3704bf95eb3051e1
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
db1c1673da3cfae83af5930e7199d33dc52b4f48052fd884fd25d0ed14e0df3b
content-length
43
adsct
analytics.twitter.com/i/
43 B
396 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=48ad239d-a09b-4513-9470-c52b08ad13db&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7ee04900-04ea-4750-b64c-c0c3176dadec&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-response-time
168
date
Thu, 20 Jul 2023 16:09:49 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
16bd115b19fa055b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
fe6d4177d7dd3a8400fb714c523fce4ec1015c0e1e8b8ce14325ca395c6a4e05
content-length
43
gpt.js
www.googletagservices.com/tag/js/
0
0
Fetch
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27608
x-xss-protection
0
server
cafe
etag
215 / 19558 / m202307170101 / config-hash: 18068557960631788746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:50 GMT
pageview
api.sail-track.com/v1/track/event/ Frame
0
0
Preflight
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.104.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 20 Jul 2023 16:09:50 GMT
initialize
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230620120946&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 20 Jul 2023 16:09:50 GMT
pageview
api.sail-track.com/v1/track/event/
120 B
348 B
Fetch
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.104.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
5678d6d105412bc3ca9e1ca7dbc451c151cc3131069141fc20ba56503941d916

Request headers

Accept
application/json
Referer
https://www.cutimes.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer 2ade0f4fc48d975844a60d5bcb4e9650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
120
initialize
api.sail-personalize.com/v1/personalize/
92 B
333 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=1&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230620120946&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
ef97b048fbe5aacbf85f456cdfcd4a4d8beaf2f77c1c9fb20b47b9299d4828d3

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer 2ade0f4fc48d975844a60d5bcb4e9650
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.cutimes.com/
x-referring-url
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
92
pageview
api.sail-track.com/v1/track/event/ Frame
0
0
Preflight
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.104.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Thu, 20 Jul 2023 16:09:50 GMT
pageview
api.sail-track.com/v1/track/event/
120 B
348 B
Fetch
General
Full URL
https://api.sail-track.com/v1/track/event/pageview
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.104.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a710cf531d4cd2506.awsglobalaccelerator.com
Software
/
Resource Hash
9614340c447e0bdaa2614f1389343e6fe85307322237f88722dc9ca0a7386abd

Request headers

Accept
application/json
Referer
https://www.cutimes.com/
X-Lib-Version
v1.0.1
accept-language
de-DE,de;q=0.9
Authorization
Bearer bbe35466469593b785eef4ab32700018
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
allowedorigins
*
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
120
initialize
api.sail-personalize.com/v1/personalize/
91 B
332 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230620120946&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
8c9a66917c90d7bc4fa572a79659bf85ac4a9a4a7063f99e694b2ae9a6d38b02

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer bbe35466469593b785eef4ab32700018
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.cutimes.com/
x-referring-url
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
91
initialize
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/initialize?pageviews=2&isMobile=0&page=utm_source%3Demail&page=utm_medium%3Dpromo&page=utm_campaign%3Dtech_hub&page=utm_content%3D072023&page=utm_term%3Dcut&page=slreturn%3D20230620120946&userIdKey=hid&userIdValue=0d94cee99bf9156d1b3df207741a497d5ef20c09c907c3413055c95d2bc28b522228dda7809e8a91e4a3a5f6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.cutimes.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Thu, 20 Jul 2023 16:09:50 GMT
dest5.html
alm.demdex.net/ Frame 11F6
7 KB
3 KB
Document
General
Full URL
https://alm.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-125-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
EUFPSSn1SFA=
content-encoding
gzip
date
Thu, 20 Jul 2023 16:09:50 GMT
last-modified
Wed, 28 Jun 2023 13:20:50 GMT
transfer-encoding
chunked
vary
accept-encoding
id
b.law.com/
48 B
456 B
XHR
General
Full URL
https://b.law.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=19645530040489912932445935970873562087&ts=1689869389943
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
4d5c58fd6c397f805178f269b6238cd6502e50ed2fa51cff3434ec22b2d07824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZLlcTgAAANzPFANn
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=15142237836033583333436617876535041447
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLlcTgAAANzPFANn
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLlcTgAAANzPFANn
Protocol
HTTP/1.1
Server
52.213.166.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-166-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0fc891792.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qHyg6BHuRMQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZLlcTgAAANzPFANn
Date
Thu, 20 Jul 2023 16:09:50 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
2429680573784973
connect.facebook.net/signals/config/
300 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2429680573784973?v=2.9.115&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bbc7d3dde7c47781ade63f743e9d16780486e1da225dcec1eea43afed562915
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Jul 2023 16:09:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
QUBGiic2lEJJQvof2HhGV02r/Hs2vF5I+ee+HW85VkQ8j+vlVFJuCkuzT/XzsN3i2XxAMI18o3Xc9f57TT94nw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
397 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 20 Jul 2023 16:39:50 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1689869389984&cv=11&fst=1689869389984&bg=ffffff&guid=ON&async=1&gtm=45be37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&hn=www.googleadservices.com&frm=0&tiba=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=937222918.1689869390&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-826604080
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3f2f444bdaf98beafed3260cf6c8e2267d8bfd11cde876b29a1f7c01613c92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1505
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F&u=CC9AXWDlCvYXDSoM2g&d=cutimes.com&g=46802&g0=%7C%7C&g1=Natasha%20Chilingerian&n=1&f=00001&c=0&x=0&m=0&y=5936&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&b=3482&_c=tech_hub&_m=promo&_x=email&_y=072023&_z=cut&t=DxshEQD5P79DDpaQmx-P6vGBuDM4t&V=140&i=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&tz=0&sn=1&sv=o70RTBcZQbFBUrZuxCzhjnDC6u9Q5&sd=1&im=066b2e73&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.29.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-29-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
olytics.css
olytics.omeda.com/olytics/css/v3/p/
28 KB
3 KB
Stylesheet
General
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202305251732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 10:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
20865
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 27 Aug 2021 04:05:28 GMT
server
Apache
etag
W/"28820-1630037128000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-id
wWnWvjFBKFCyCQSipCitV0cVLikecXrdnk6RR7HEijaXYZXW-guh2Q==
expires
Thu, 06 Jul 2023 09:21:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202305251732
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f49459b38aaee706c6de7947326d1e09d28db1c714d70ecf5746ec3f40d080e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27630
x-xss-protection
0
server
cafe
etag
861 / 19558 / 31076241 / config-hash: 18068557960631788746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:50 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2429680573784973&ev=PageView&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&rl=&if=false&ts=1689869390119&sw=1600&sh=1200&v=2.9.115&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1689869390119.1189153730&it=1689869389961&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Jul 2023 16:09:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
s99193748281166
b.law.com/b/ss/almcut,almglobal/1/JS-1.6/
43 B
201 B
Image
General
Full URL
https://b.law.com/b/ss/almcut,almglobal/1/JS-1.6/s99193748281166?AQB=1&ndh=1&pf=1&t=20%2F6%2F2023%2016%3A9%3A50%204%200&mid=19645530040489912932445935970873562087&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&pageName=cut%3Ajump%3Aheg45emjfhi&g=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&cc=USD&ch=cut%3Ajump%3Ablog&server=cut&v0=promo%3Aemail%3Atech_hub%3A072023%3Acut&events=event4%2Cevent1%2Cevent3&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=welcomewall&v1=D%3Dc1&l1=D%3Dc73&c11=heg45emjfhi&v11=D%3Dc11&c12=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members&v12=D%3Dc12&c14=Natasha%20Chilingerian&v14=D%3Dc14&c15=CUT&v15=D%3Dc15&c16=registered&v16=D%3Dc16&v24=cut&c30=article&v30=D%3Dc30&c31=false&v31=false&c33=jump%3Aregistered&v33=D%3Dc33&c40=26&c41=12%3A00pm&v41=D%3Dc41&c42=thursday&v42=D%3Dc42&c50=413-196245&v50=413-196245&c51=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members&v51=D%3Dc51&c60=false&v60=false&c61=2023-07-11&v61=D%3Dc61&c62=33&v62=33&c67=DENYREFERERNOTALLOWED&v67=D%3Dc67&c70=D%3Dv0&v70=D%3Dv0&c73=News%7CCybersecurity%20and%20Privacy&v73=D%3Dc73&c75=news&v75=news&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 21 Jul 2023 16:09:50 GMT
server
jag
etag
3628966882991079424-4619726936519095461
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 19 Jul 2023 16:09:50 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
753 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
caea5079fc5f3425d68486e1da462a84df0ba9205ceb229dd49188ec9511775d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
651
date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jul 2023 14:41:28 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=64112
accept-ranges
bytes
content-length
491
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
432 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202307131556&cb=1689869390164
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:d800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Thu, 20 Jul 2023 16:07:31 GMT
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
140
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
jVe3dBMM8fyDMMhgDx5Co2BhuhDXwGsCOtxUEahDoJpIO_ZZA8FQwg==
analytics
pi.pardot.com/
1 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&referrer=&utm_campaign=tech_hub&utm_medium=promo&utm_source=email&utm_content=072023&utm_term=cut
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-120-28.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
e7c6e28810bff5b56212366fc339e407f4897965ceb851343020bceabef1e10c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
Accept-Encoding,User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
532
expires
Thu, 19 Nov 1981 08:52:00 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
197 KB
58 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:23:24 GMT
server
Apache
etag
"31332-5eaee9adb933b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
59461
expires
Thu, 20 Jul 2023 16:24:50 GMT
ats.js
ats.rlcdn.com/
236 KB
78 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
date
Thu, 20 Jul 2023 08:36:07 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
27224
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
TyX3mXUnJo-rh3atp5-T9LOJZDjAhU-q4fdZo9jbObaMplsaT41bcg==
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=1486297697844927826&pixelIndex=0
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=1486297697844927826&pixelIndex=0&google_tc=
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1486297697844927826&pixelIndex=0&google_gid=CAESENQ_N4pFrRF3Oh6pUNqXk5g&google_cver=1
0
598 B
Script
General
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1486297697844927826&pixelIndex=0&google_gid=CAESENQ_N4pFrRF3Oh6pUNqXk5g&google_cver=1
Protocol
HTTP/1.1
Server
52.23.72.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-72-57.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=1486297697844927826&pixelIndex=0&google_gid=CAESENQ_N4pFrRF3Oh6pUNqXk5g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
423396.gif
idsync.rlcdn.com/
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/423396.gif?partner_uid=1486297697844927826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:00:14 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=75567
accept-ranges
bytes
content-length
4862
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 05:49:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37241
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:49:09 GMT
user_visited_page
telemetries.jeeng.com/api/events/ Frame
0
0
Preflight
General
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7e9c788adbf703e4-FRA
date
Thu, 20 Jul 2023 16:09:50 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
x-powered-by
Express
user_visited_page
telemetries.jeeng.com/api/events/
15 B
147 B
XHR
General
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7e9c788d3a8603e4-FRA
content-length
15
token
cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/
36 B
375 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/714530/domain/cutimes.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:bc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 15:45:32 GMT
content-encoding
gzip
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1458
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
HzY22rLO6NapzPeS28Ch3tLdyDts_bwSFDuXZMLval8QkTn-czw75w==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1689869390432%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F202...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&cookiesTest=true&liSync=true&e_ipv6=AQJsIjJma2L4tgAAAYl0EJZgYLuZZEZubY5LKOLd2GVFdunF4c5jm5cfdWfgQd5IolCbne8
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4D4311E9A1EB47DAA73D950F1EB96174 Ref B: FRAEDGE1907 Ref C: 2023-07-20T16:09:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYA7WDQFPK0ZgslpVB/hg==

Redirect headers

date
Thu, 20 Jul 2023 16:09:51 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B80A02665A434AE3B341879F84A474E5 Ref B: DUS30EDGE0715 Ref C: 2023-07-20T16:09:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1689869390432&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&cookiesTest=true&liSync=true&e_ipv6=AQJsIjJma2L4tgAAAYl0EJZgYLuZZEZubY5LKOLd2GVFdunF4c5jm5cfdWfgQd5IolCbne8
x-li-proto
http/2
content-length
0
x-li-uuid
AAYA7WDLScwzPnXv11QWMA==
article-share-tools.js
www.cutimes.com/assets/master-template/js/
12 KB
2 KB
Script
General
Full URL
https://www.cutimes.com/assets/master-template/js/article-share-tools.js?2023-07-20-12
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e018091a55ef9c6468213d7ce4d295a1dad2c1454cf6986e226b79ba1db6d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
cf-cache-status
HIT
age
1
x-cache
HIT 9
backend
templates_newlaw_director
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
server
cloudflare
etag
W/"11798-1689243974000"
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7e9c788a48114d7a-FRA
x-vnode
21
expires
Thu, 20 Jul 2023 20:09:50 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pid=gdnyNHmwuBO6P&cb=0&ws=1600x1200&v=23.717.1557&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
ATWB13SE4M6WBD05CPNM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
55z8KxBITIj05IG8oKNF_a2TkGVVEc2L5JQXjQ3gVWcPMC2DKuPS5w==
c
prebid.a-mo.net/a/
0
18 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 20 Jul 2023 16:09:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/
567 B
907 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=105ceeb127d8c26&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.7177838466715074
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cf979941e65d77026e6ff772621039c60ca51858cbb99228b5006fa96693d3ad

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
567
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
567 B
908 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=11135255d3c0e0e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.3075667931383157
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6603811ed7154fa9d63a93018705afce42e27e3699db243f0d9f5cf72e320c63

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
567
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
567 B
907 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=12f26a537bad20a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.6987183446241552
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
86ef5381d049713cf3fc6e30336ecdc32127e47ab1876ffc33d181c179083d56

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
567
expires
Wed, 17 Sep 1975 21:32:10 GMT
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250...
551 B
967 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cf92aaded3ed4933cfc300fdb186612632818b4dbc69a234069944c4b4ec7624

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Thu, 20 Jul 2023 16:09:51 GMT
date
Thu, 20 Jul 2023 16:09:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
551
x-sid
AMS-929

Redirect headers

date
Thu, 20 Jul 2023 16:09:50 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
prebid
ib.adnxs.com/ut/v3/
361 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ad141afb9d4835cba9a1535abf21099f34757d846c061b7e92071568281f5141
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
e3006390-4974-4835-9b41-9a422c3bab1f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
361
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebidjs
rtb.openx.net/openrtbb/
53 B
258 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
592f9218af2d2c216bca48627d6f78d860b42fad609ff8aedb75f5baf073b56a

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
779 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
72f68e67dc5244a4782f299fd9a10b0954b16e68d809df521720d2f3257d6b41

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:09:50 GMT
bid
ap.lijit.com/rtb/
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
f65d432d4eaf03f05909dbb86ce21d3f59091432336a3b06edb31ff9b459ee25

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/
360 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3fa249cd55f43986033ecf0fbb4f228341803a00f7eef0c4e3b91f50f5659f43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
02c97d36-8ff7-4e10-83cd-60928785557a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
360
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pid=gdnyNHmwuBO6P&cb=1&ws=1600x1200&v=23.717.1557&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
FXVY3BWPZHC6A94BVT11
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wL_wEkiYgaQ_CohePPaOWJAfuiHmMeoO5TVkRpqRB-ZoQFqUqpBV_Q==
bid
aax.amazon-adsystem.com/e/dtb/
58 B
497 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pid=gdnyNHmwuBO6P&cb=2&ws=1600x1200&v=23.717.1557&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a6d67f1609a53af7e6c53cb2178b20dd9ffa85eff3c35b7184d73273684e30eb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
GKR2FZKAKAXX60J2DCV3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
58
x-amz-cf-id
r_b82Tvk3jVxmLMzu-iTIDy-LxwCP_017eveQNTOcgWc1DFVwEjt3g==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22db83f9c6-a698-4a6a-89fb-c29c85426748%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/
43 B
415 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22db83f9c6-a698-4a6a-89fb-c29c85426748%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230620120946%22%2C%22lv%22%3A%2223.717.1557%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
WXVNWK9NEKWCPNS5J615
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
nKEuMCev9V2CIzhw-jDgoIymY7nSELlI_Oa4ef9Zd4S6i8y-HERy7g==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22db83f9c6-a698-4a6a-89fb-c29c85426748%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/
43 B
415 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22db83f9c6-a698-4a6a-89fb-c29c85426748%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230620120946%22%2C%22lv%22%3A%2223.717.1557%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
QRS1PAEGK03RNHASR6PK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
dW2HVewSOHy3mz3W54-kYxdwppTemM2k1FaE0JeYfuCQT7lDeuQgUg==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
461 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pid=gdnyNHmwuBO6P&cb=3&ws=1600x1200&v=23.717.1557&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
443SQ58HM89014ETCR5H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
MIkUiv5qXb5unhXO5MQwqxoPYt2ZRqGF-nh3raRaoh1z76JqQduwNQ==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pid=gdnyNHmwuBO6P&cb=4&ws=1600x1200&v=23.717.1557&t=900&slots=%5B%7B%22sd%22%3A%22gpt-footer%22%2C%22s%22%3A%5B%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
DXFES22QC4KP3NHBW9WY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
mLcbXfdsbquS1y6HXf144ODLfFDIlgkrVUwsWx5VC8TIeuC3cL_84A==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pid=gdnyNHmwuBO6P&cb=5&ws=1600x1200&v=23.717.1557&t=900&slots=%5B%7B%22sd%22%3A%22gpt-super_hero%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Farticledisplay%22%7D%5D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
6FBX19K77QFBB2KS1FRF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4mZOHU_LFeCOEE01uwkDvOWN6A774ShZrANm2qEkZvbZGHBXB7guYw==
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-per...
515 B
931 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d6b05228822f7114e460bd7bfefa0a002fc64358cdc115daf90ebb989641b5bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Thu, 20 Jul 2023 16:09:51 GMT
date
Thu, 20 Jul 2023 16:09:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
515
x-sid
AMS-929

Redirect headers

date
Thu, 20 Jul 2023 16:09:50 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
prebid-request
onetag-sys.com/
15 B
363 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:49 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/
53 B
129 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4c19ed6bf2956ac34e523859316f7fbf0059d715e6b5542757919905490a8e0a

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/
0
158 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
c
prebid.a-mo.net/a/
0
170 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 20 Jul 2023 16:09:49 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
fastlane.json
fastlane.rubiconproject.com/a/api/
545 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=20973dfe6a80795c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.09866171959953096
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
096b44fceb4950630d90f42d758c9568bd5ce604fbfeea62f4c952b27409f020

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
545
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
40624b0c8c9f114513934e41b1098ab098ae971fb389f89fa1e4386a377aa40f

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/
140 B
816 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
92780d6f3960751f1e13c7ad8fdfabdfb84914736581a3d7d6cf392bc29b2bec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
83a92184-fd50-44e8-a734-931f8e9a30c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4ad52c718f5bbf085e3dc1aa17fe512423da20d57597f3845af666e53aef39c

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:09:50 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
817 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
60f62ef961fc74b18d09a2811eb575746262cad19ad797294ba77125a3da9685
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
97979441-a3fb-47fc-b33a-4dc63fdd05df
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22db83f9c6-a698-4a6a-89fb-c29c85426748%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/
43 B
417 B
Fetch
General
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22db83f9c6-a698-4a6a-89fb-c29c85426748%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.cutimes.com%252F2023%252F07%252F11%252Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%252F%253Futm_source%253Demail%2526utm_medium%253Dpromo%2526utm_campaign%253Dtech_hub%2526utm_content%253D072023%2526utm_term%253Dcut%2526slreturn%253D20230620120946%22%2C%22lv%22%3A%2223.717.1557%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
JQ5SNQY0PJ82BVXGV051
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
-vw5LKF1NMNhWuONdLuaEKNx9ygxJMqbhVcqKvr4NsNAuFrQqlSVXg==
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Jul 2023 16:09:50 GMT
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2429680573784973&ev=Microdata&dl=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&rl=&if=false&ts=1689869390784&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times%22%2C%22og%3Asite_name%22%3A%22Credit%20Union%20Times%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.cutimes.com%2Fcontrib%2Fcontent%2Fuploads%2Fsites%2F413%2F2019%2F04%2Faccount-hacked-e1556042539566.jpg%22%2C%22og%3Adescription%22%3A%22Posing%20as%20a%20third-party%20vendor%2C%20a%20fraudster%20gains%20access%20to%20a%20sensitive%20document%20within%20a%20CU%20employee%E2%80%99s%20email%20account.%20%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FWebSite%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.115&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1689869390119.1189153730&it=1689869389961&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Jul 2023 16:09:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
p
cdp.omeda.com/olytics/segments/
20 B
341 B
XHR
General
Full URL
https://cdp.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
ab64560cf10e232d83b783805d267b1675aa728828db773daefe5936e0e4ed67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 20 Jul 2023 16:09:51 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
20
X-XSS-Protection
1; mode=block
p
cdp.omeda.com/olytics/segments/ Frame
0
0
Preflight
General
Full URL
https://cdp.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cutimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
0
Date
Thu, 20 Jul 2023 16:09:55 GMT
Keep-Alive
timeout=5
Server
Apache
vary
access-control-request-method,Access-Control-Request-Headers
ads
securepubads.g.doubleclick.net/gampad/
939 B
563 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=735955477036765&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=1&adks=3886971663&sfv=1-0-40&prev_scp=position%3Des_logo_rr&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie_enabled=1&abxe=1&dt=1689869390813&lmt=1689869390&adxs=1069&adys=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d3570572457e869a2da22c2ac90d49fec37b9e5b71b39d2176013037df40517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
534
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
378c1fdd60eaef278e5372a462f76eed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 493F
6 KB
3 KB
Document
General
Full URL
https://378c1fdd60eaef278e5372a462f76eed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:50 GMT
expires
Fri, 19 Jul 2024 16:09:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
551 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=4116947034277846&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=317984099&sfv=1-0-40&ists=1&prev_scp=position%3Dinterstitial&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie_enabled=1&abxe=1&dt=1689869390831&lmt=1689869390&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1600x5935&msz=1600x0&fws=0&ohw=0&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c322cea2765ba6b4111f75b8a73cc1bdc6121f6035cb2c58cef368a70e96b323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
551 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=2338185375864257&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=3&adks=577681522&sfv=1-0-40&prev_scp=position%3Des_sponsorship_logo&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie_enabled=1&abxe=1&dt=1689869390837&lmt=1689869390&adxs=215&adys=290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1170x277&msz=1170x0&fws=0&ohw=0&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e16d16a551c77a708408af754c372411359266ab77cb01d995a71a194d21599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
554 B
299 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=3546174222985574&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1090x95&ifi=4&adks=2255433210&sfv=1-0-40&prev_scp=position%3Des_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie_enabled=1&abxe=1&dt=1689869390841&lmt=1689869390&adxs=255&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1600x5935&msz=1600x0&fws=0&ohw=0&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a7d888b4920f32ce4d9e9a8b5a3a26ed182813b273a17ab4a548bfb1835d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
555 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=154353085167418&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&ifi=5&adks=2057679260&sfv=1-0-40&prev_scp=position%3Des_rr_module&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie_enabled=1&abxe=1&dt=1689869390852&lmt=1689869390&adxs=1069&adys=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
067f60acd6e45bd012981c3ea23b0a55250e788c84b39bb41e517033ea362285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
551 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=3503610134644832&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=6&adks=3915647274&sfv=1-0-40&prev_scp=position%3Des_logo_pushdown&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie_enabled=1&abxe=1&dt=1689869390857&lmt=1689869390&adxs=260&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1600x5935&msz=1080x0&fws=0&ohw=0&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c68f97757a72f1fac4fcd1a498bac14473644e0d8ee94eaf5202f8bc22b7d1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fp...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F0...
531 B
947 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8a062f1fda2e8f00ac81a5d4cf9282cf1b0810c9819957e283f3d0020f4e510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Thu, 20 Jul 2023 16:09:51 GMT
date
Thu, 20 Jul 2023 16:09:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
531
x-sid
AMS-929

Redirect headers

date
Thu, 20 Jul 2023 16:09:50 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
249 B
925 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f2a85f8d7460255632c5cb5fbe93eb75f6fc6b71de4e0e2d29ec1101f8ba0114
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
aaa50310-f6b1-4a26-a5c9-ec74c7884f24
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
249
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
1 KB
778 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b88acb6411d8c9354c27b3dce2fd061c7ede2caa986df57936bca7093ed3f70

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:09:50 GMT
c
prebid.a-mo.net/a/
0
157 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
564 B
598 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=72301279a6a4496&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.22592197152465499
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0bc34c3cfd208b5cffee40b63a28cde9c8ff00aadd8b49051b4970a5f9f34234

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
564
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
564 B
598 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=737c584d215cf23&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.06592600390962855
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3461fc06e6c273cb213a590c347cbaee98df764324dff57b31b8cc72a9301b41

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
564
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
129 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
758718f76bd76e69acd9d56ea08ef4919e350c80cd9cd1445aa1f35499747a00

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/
250 B
926 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
901d063fca086350f7dc3367b637f16984fd639c1c4a3258b50290ccc9c22b20
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
7ca94642-c034-486c-8912-e14b699ce4d6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/
95 B
500 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
49d0f32e1b8ee77e36e1e3b895aac7b0e04c6ee04bbcca3f3f94b3ec624a3efe

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
49708326f3cd03bbb5fb318ced7b0f2ee72c14a3b8fdfd0b3c74cf95ee397517

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:50 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
prebid.media.net/rtb/
1 KB
779 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d66f516fc5deb46f3128652614583070e91bf4316a89f68c64acb33235727f20

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:09:50 GMT
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F...
  • https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F20...
533 B
949 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c8a8625a1390f1d9a9a55e250409f4fae1bc8e4b6406d04fc09fc8e80aa0b65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Thu, 20 Jul 2023 16:09:51 GMT
date
Thu, 20 Jul 2023 16:09:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
533
x-sid
AMS-929

Redirect headers

date
Thu, 20 Jul 2023 16:09:50 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
access-control-allow-origin
https://www.cutimes.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
prebid
ib.adnxs.com/ut/v3/
251 B
927 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e7d0238ca953200c82e3a3dce0c8d3185e8d21f6ee67a1f3c850d01cc61318c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
31bb3032-c986-4ede-934d-2bfe459a37fa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
251
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
129 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
819366176b8e94fe5ce5294472ec4acb73e7ea7e31e278fb550dd7e6fc9304ac

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jul 2023 16:09:50 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/
251 B
927 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d20ebe3acfd8825cc8a7b35621548f8d4e67b109b44a6d0e762dd97865519191
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
an-x-request-uuid
d0cd9e31-caeb-400c-a418-8f8a8befe599
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
251
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/
0
134 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
36
server
envoy
vary
origin, Accept-Encoding
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=120e12ebf2234b76&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.07313748834338196
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
affa3522dddba043271bd195dafc0dec26fa46878c6a4ca42488a3fcbcc5bebb

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
622 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=12166d2c1f80fe1d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.9131872199828655
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8326609049d7f7e454ce3aa74890aeaacb3a922195ba01efd92be0ce9b423aae

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
analytics
go.alm.com/
50 B
1 KB
Script
General
Full URL
https://go.alm.com/analytics?conly=true&visitor_id=121747002&visitor_id_sign=1df60902cf1a72b6622b89761d220ba1a338ff154b418aa1a94604f6cb416cb2ca583ea6c89dda7b30ebadd06d8729692d97e5e9&pi_opt_in=&campaign_id=70855&account_id=998701&title=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014,754%20NIHFCU%20Members%20|%20Credit%20Union%20Times&url=https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946&referrer=&utm_campaign=tech_hub&utm_medium=promo&utm_source=email&utm_content=072023&utm_term=cut
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&referrer=&utm_campaign=tech_hub&utm_medium=promo&utm_source=email&utm_content=072023&utm_term=cut
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:51 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
Server
PardotServer
vary
User-Agent
Content-Type
text/javascript; charset=utf-8
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
50
expires
Thu, 19 Nov 1981 08:52:00 GMT
syncframe
gum.criteo.com/ Frame 6E19
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.cutimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:50 GMT
server
Kestrel
server-processing-duration-in-ticks
243065
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
invisible.js
www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/49c24b54/ Frame 527A
Redirect Chain
  • https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/49c24b54/invisible.js
7 KB
3 KB
Script
General
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/49c24b54/invisible.js
Protocol
H2
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4119b57fc4f1eb11ebae7a392bda7efcef99df3e1dc418d5f4642d10921e4e35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7e9c788e4cdc4d7a-FRA

Redirect headers

location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/49c24b54/invisible.js
access-control-allow-origin
*
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7e9c788ddc574d7a-FRA
vary
accept-encoding
css
fonts.googleapis.com/
8 KB
746 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 15:55:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jul 2023 16:09:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c49aee0de30b0a3f66b0e8607727fef85fe168f04d39161b77ba9802e2948676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11873
x-xss-protection
0
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/gif
/
geoip.alm.com/json/
182 B
447 B
XHR
General
Full URL
https://geoip.alm.com/json/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.226.85.63 Newport, United States, ASN16524 (METTEL, US),
Reverse DNS
Software
/
Resource Hash
999b8b263c85b21e12d982f05551ea8969318be655f8276697b12e0db7f202ad

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.cutimes.com
Date
Thu, 20 Jul 2023 16:09:51 GMT
Access-Control-Allow-Credentials
true
X-Database-Date
Sat, 15 Jul 2023 08:05:02 GMT
Content-Length
182
Vary
Origin
Content-Type
application/json
/
www.google.com/pagead/1p-user-list/826604080/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/826604080/?random=1689869389984&cv=11&fst=1689868800000&bg=ffffff&guid=ON&async=1&gtm=45be37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=0&tiba=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=951051667&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/826604080/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/826604080/?random=1689869389984&cv=11&fst=1689868800000&bg=ffffff&guid=ON&async=1&gtm=45be37h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=0&tiba=Phishing%20Attack%20Exposes%20Personal%20Info%20for%2014%2C754%20NIHFCU%20Members%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=951051667&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jul 2023 16:09:51 GMT
7e9c78787a104d7a
www.cutimes.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 527A
0
211 B
XHR
General
Full URL
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/cv/result/7e9c78787a104d7a
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
server
cloudflare
cf-ray
7e9c788f6e184d7a-FRA
content-type
text/plain; charset=UTF-8
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options
nosniff
age
488887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:21:44 GMT
sid
mug.criteo.com/ Frame 6E19
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=WVyO_Hw5ZnBWSlI1ZjlDUGZLUWtjZWhFU2NrcE9ZVm1OaVhPUkF1NWpZOVBiTjB0emVNUzhVMjRPdk55eXQxYU04bzZPMkJmTzM3cUtjTnVMU1A0dk91TWNrZC9kOEU3cUNGSlVVV0JFeWk3K01hSTlGM2ZEVVBIUlBpWU...
430 B
654 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=WVyO_Hw5ZnBWSlI1ZjlDUGZLUWtjZWhFU2NrcE9ZVm1OaVhPUkF1NWpZOVBiTjB0emVNUzhVMjRPdk55eXQxYU04bzZPMkJmTzM3cUtjTnVMU1A0dk91TWNrZC9kOEU3cUNGSlVVV0JFeWk3K01hSTlGM2ZEVVBIUlBpWUxZT2I1NUhtMmh0bCtqYTF4eEh6Z3hqUnY0dlB1Yy9OamRQMGVhWkU3QmRkekcvRG11MUs3bExwdllrQVp6Nmdua2RmT2JtSTBmSHB2U3pqRXFZQmxrUER0d3JaVGl3dStKWjFFRWV3VFVTK0c0NXp2YjRTWDJMRHUxbUN0aytJL2JLb0t3ZytSOW5vNlN2UXRHTkRnekdVZE5IQlF6Zz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
453807dfdcfa6e34f4ad679c653c96187a3a5f0f452cb6386f89f65e4a949769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1469431
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=WVyO_Hw5ZnBWSlI1ZjlDUGZLUWtjZWhFU2NrcE9ZVm1OaVhPUkF1NWpZOVBiTjB0emVNUzhVMjRPdk55eXQxYU04bzZPMkJmTzM3cUtjTnVMU1A0dk91TWNrZC9kOEU3cUNGSlVVV0JFeWk3K01hSTlGM2ZEVVBIUlBpWUxZT2I1NUhtMmh0bCtqYTF4eEh6Z3hqUnY0dlB1Yy9OamRQMGVhWkU3QmRkekcvRG11MUs3bExwdllrQVp6Nmdua2RmT2JtSTBmSHB2U3pqRXFZQmxrUER0d3JaVGl3dStKWjFFRWV3VFVTK0c0NXp2YjRTWDJMRHUxbUN0aytJL2JLb0t3ZytSOW5vNlN2UXRHTkRnekdVZE5IQlF6Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
234701
content-length
0
expires
0
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/
252 B
928 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e9167b6b2e77b9f2e5ee45af4127b013dfc59d54e231437f5125ec07b4747a1a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
an-x-request-uuid
3a431e5c-4651-46f0-b478-76fc20aad658
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
dc8fa03f97fe8f4a5919c30ddf2661907b9baa05c11e7fbd3ff3cef0a4b2868f

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=13237cc9f7215459&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.22148448212563743
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f6fda9c63d8f5b2066251999e9b075da2a916ab19f28a614385b95335772de94

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=1335a6f24630e2db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.9746914971759761
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eebdf997116ef270b66926000da1647e3683a98699678be246270bde570ab416

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
735 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b80d82f9e3bf8ae6dd3266fd6fde9d66904149fd3975290810165f99c7188c9

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:09:51 GMT
c
prebid.a-mo.net/a/
0
18 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 20 Jul 2023 16:09:50 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
ib.adnxs.com/ut/v3/
19 B
694 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
an-x-request-uuid
dde8553d-8a9a-4516-a901-8d19e552828b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
ROS
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/
533 B
855 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c8a8625a1390f1d9a9a55e250409f4fae1bc8e4b6406d04fc09fc8e80aa0b65b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 20 Jul 2023 16:09:51 GMT
date
Thu, 20 Jul 2023 16:09:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
533
x-sid
AMS-929
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/
53 B
94 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
680793037903a79a43b1b6568dbe489e27bacfd8a2a1b4a741141411df3195b8

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
c
prebid.a-mo.net/a/
0
18 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 20 Jul 2023 16:09:50 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
ap.lijit.com/rtb/
25 B
403 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.2.0
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
8d75d6fffbf49b9d12e24a095b98fa4e957bbaa22b8d801ecd42ad8ed6f0fdbc

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
252 B
928 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c89eba5ed5ec36c3006816aa767c4659b0e45e408d4e10fb6eab9950d921ee6a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
an-x-request-uuid
e47cfcbf-1ecf-474e-9695-3da7ce57caee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
252 B
928 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a76cbc06ab4c0c78941bd339db0f17f5da4111217648b960d9a4de75d25ef3fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
an-x-request-uuid
684c7e1c-22d5-4627-94b8-4e06c1738916
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
252
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
337 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:50 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ROS
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/
533 B
855 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.6846457364377505&e=300x250_0%3A300x250%2C970x90%2B300x250_1%3A300x250%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&pbv=8.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c8a8625a1390f1d9a9a55e250409f4fae1bc8e4b6406d04fc09fc8e80aa0b65b

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 20 Jul 2023 16:09:51 GMT
date
Thu, 20 Jul 2023 16:09:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.cutimes.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
533
x-sid
AMS-929
prebid
prebid.media.net/rtb/
1 KB
735 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
945d3b796703939632c863b881e532cfcea144d651b6ae7a46237f0c8531c8b7

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jul 2023 16:09:51 GMT
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
157 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.39.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-39-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebidjs
rtb.openx.net/openrtbb/
53 B
94 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9bde0b67d3b03b1079fd726c65fa29f6b1251defba3857205195a6d965ee80c7

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.cutimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=192d4a8697223eed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.8483228688532953
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98ddf8c6994ce4c34058b6f3722a243a9a88608d58d45a4c680f7c6aea302f58

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
565 B
599 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Farticledisplay&tk_flint=pbjs_lite_v8.2.0&l_pb_bid_id=19352e16229f67ed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Farticledisplay&slots=1&rand=0.7534346206140827
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7639f0414ddfa4e866fb37d2c45ae8603aad67f92446bb5a4b6f0b6bd6254673

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
565
expires
Wed, 17 Sep 1975 21:32:10 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cutimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options
nosniff
age
488887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 00:21:44 GMT
ads
securepubads.g.doubleclick.net/gampad/
319 B
161 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=1899562929054726&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1400x320%7C1200x250%7C1200x600&ifi=7&adks=1703501257&sfv=1-0-40&prev_scp=position%3Dsuper_hero%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869391324&lmt=1689869391&adxs=100&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f438c501be720ed77a7c47ef4a22137278f550079456c17740dc04292406c6ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
28 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=1414295587918846&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=8&adks=16371981&sfv=1-0-40&prev_scp=position%3Dtop%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869391329&lmt=1689869391&adxs=215&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1170x100&msz=1170x0&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9681c47c0523c2d9a0a1aff6f300cd809f10a5c01f6f0d594ec94ec21e48ffa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11732
x-xss-protection
0
google-lineitem-id
6159049915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412945943
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 90DB
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 12:03:57 GMT
expires
Fri, 19 Jul 2024 12:03:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E4F7
783 B
955 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14d94d47f0cbdcf6b929ab62d088e5f9b4356862b1081b5e52ce55f3a99c5012
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CZq98WyBjXw9rdQpO1PSug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-CZq98WyBjXw9rdQpO1PSug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:51 GMT
expires
Thu, 20 Jul 2023 16:09:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/
28 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=220658508243413&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=9&adks=521319232&sfv=1-0-40&prev_scp=position%3Dmiddle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869391396&lmt=1689869391&adxs=1069&adys=967&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a1cba16971edff5f77034e4a7aff252e866f9f8ab09bc43c053160173d474b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11739
x-xss-protection
0
google-lineitem-id
6159049915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412945796
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E4F7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=1948404641178983&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 90DB
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 13:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jul 2024 13:49:37 GMT
smartads.epl
www.dianomi.com/ Frame FDE8
7 KB
2 KB
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee447d67344795f7991e377b416046ef17348fda580915ac5f02bad9e75ea09d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7e9c78909dc392ad-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:09:51 GMT
expires
now
link
</img/a/pss/1972/61.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
smartads.epl
www.dianomi.com/ Frame 0EE3
9 KB
2 KB
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd56f9fed10fe7277e1423e0d0035be522befe165fd13db9be5d545aca6133f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
7e9c78909dc692ad-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:09:51 GMT
expires
now
link
</img/a/pss/2232/12.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
menu-close-btn.png
www.cutimes.com/assets/master-template/images/
268 B
502 B
Image
General
Full URL
https://www.cutimes.com/assets/master-template/images/menu-close-btn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc76428cad5c36631113a653d30ef85dbcfe672934b13630f4fdd2c1f1403f58
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
cf-cache-status
HIT
age
5103
cf-polished
origFmt=png, origSize=3321
x-cache
MISS
backend
templates_newlaw_director
content-disposition
inline; filename="menu-close-btn.webp"
content-length
268
last-modified
Thu, 13 Jul 2023 10:26:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
W/"3321-1689243974000"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78914feb4d7a-FRA
x-vnode
28
expires
Thu, 20 Jul 2023 20:09:51 GMT
generate_204
tpc.googlesyndication.com/ Frame 90DB
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?iJlmig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
12.css
www.dianomi.com/img/a/pss/2232/ Frame 0EE3
2 KB
936 B
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/2232/12.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1473234
cf-polished
origSize=2446
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Sat, 17 Jun 2023 06:38:18 GMT
server
cloudflare
etag
W/"98e-5fe4d8c018118"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7e9c7891aed892ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
viewability11.js
www.dianomi.com/js/ Frame 0EE3
8 KB
3 KB
Script
General
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
33
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7e9c7891bee792ad-FRA
expires
Thu, 20 Jul 2023 16:11:51 GMT
VfG99MCoyKoAAGpDgiIAAAAI.png
www.dianomi.com/img/uploads/ Frame 0EE3
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
765331
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Aug 2020 16:33:27 GMT
server
cloudflare
etag
"f64-5ac380c3ca3c0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c7891ff8292ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/130500/12/ Frame 0EE3
15 KB
15 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/130500/12/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6817b7775af94a21d3ee840fdcc95e0a33d90d2d5d26a6026ec3680286ba5f8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1310894
cf-polished
degrade=85, origSize=24502, status=webp_bigger
content-length
15164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 01:03:32 GMT
server
cloudflare
etag
"5fb6-5fe34c0f0cf78"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78920f8392ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/225238/7/ Frame 0EE3
7 KB
7 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/225238/7/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936e9fd29f146f4940c28ce1d29003f4952e469ad3d35fa3d79db7cc79ebcd4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
269024
cf-polished
qual=85, origFmt=jpeg, origSize=16118
content-disposition
inline; filename="263x200.webp"
content-length
7080
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 21 Jun 2023 16:43:43 GMT
server
cloudflare
etag
"3ef6-5fea67881e430"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78920f8692ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/299437/3/ Frame 0EE3
13 KB
13 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/299437/3/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50a3f90cdf1f596fb9aa448ae762fe5523a923066f6f7d1089c8b03ead71b65f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
68863
cf-polished
qual=85, origFmt=jpeg, origSize=76248
content-disposition
inline; filename="263x200.webp"
content-length
13252
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Jul 2023 16:38:59 GMT
server
cloudflare
etag
"129d8-6007515f22f98"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78920f8792ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/222436/6/ Frame 0EE3
21 KB
21 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/222436/6/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1298eeb75edb1d13521b8d53110ec91a15be2ab59ae348be7dafff0493bff7f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
87081
cf-polished
qual=85, origFmt=jpeg, origSize=42378
content-disposition
inline; filename="263x200.webp"
content-length
20994
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 18 May 2023 10:14:00 GMT
server
cloudflare
etag
"a58a-5fbf5102a3878"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78920f8892ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
263x200.jpg
www.dianomi.com/img/a/sav2/222437/5/ Frame 0EE3
13 KB
13 KB
Image
General
Full URL
https://www.dianomi.com/img/a/sav2/222437/5/263x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e337b6ff209118ee2af38bb2cb274fe72dd9a2adfeb085ca33d3b0eb492c1df1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
2107841
cf-polished
qual=85, origFmt=jpeg, origSize=26195
content-disposition
inline; filename="263x200.webp"
content-length
12900
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 18 May 2023 10:14:00 GMT
server
cloudflare
etag
"6653-5fbf51029e288"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78920f8992ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
61.css
www.dianomi.com/img/a/pss/1972/ Frame FDE8
2 KB
954 B
Stylesheet
General
Full URL
https://www.dianomi.com/img/a/pss/1972/61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1472033
cf-polished
origSize=2947
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 14 Apr 2023 23:36:20 GMT
server
cloudflare
etag
W/"b83-5f9544eebe1e0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-ray
7e9c7891bef292ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
viewability11.js
www.dianomi.com/js/ Frame FDE8
8 KB
3 KB
Script
General
Full URL
https://www.dianomi.com/js/viewability11.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
33
cf-polished
origSize=13022
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:33:52 GMT
server
cloudflare
etag
W/"32de-5fa523edf86e0"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
7e9c7891bf0f92ad-FRA
expires
Thu, 20 Jul 2023 16:11:51 GMT
ads
securepubads.g.doubleclick.net/gampad/
28 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=2666687864942508&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=10&adks=1427363057&sfv=1-0-40&prev_scp=position%3Dmiddle1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869391631&lmt=1689869391&adxs=1069&adys=997&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=315x0&msz=315x0&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c71b621b8d78471e79c58a34068b442392d635115308d640e68dbfad95fbde81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11732
x-xss-protection
0
google-lineitem-id
6159049915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412945796
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixeljs
data.dianomi.com/frontend/ Frame 0EE3
0
43 B
Script
General
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xB3264858DE0F49AA8A1F7AF016F7C116&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7e9c78921fa292ad-FRA
access-control-allow-headers
dianomi-force-dmp
ads
securepubads.g.doubleclick.net/gampad/
318 B
160 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1948404641178983&correlator=3886380817095161&eid=31076241%2C21065724&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Carticledisplay&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=729x90&ifi=11&adks=2815906122&sfv=1-0-40&prev_scp=position%3Dfooter%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26source%3DCUT%26id%3Dheg45emjfhi%26topic%3Dnews%252Ccybersecurityandprivacy%26page_number%3D1%26email_domain%3Dnone%26paywall%3Dtrue%26articletype%3Dblog&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869391676&lmt=1689869391&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=20&vis=1&psz=1600x4773&msz=1600x0&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=357699684.1689869391&ga_sid=1689869391&ga_hid=603946351&ga_fc=false&dlt=1689869388100&idt=2377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4bc1d609b82875ccad21606d50fd75bfdce24f268c8a58370a6aa73ed4ee759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixeljs
data.dianomi.com/frontend/ Frame FDE8
0
177 B
Script
General
Full URL
https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x8DDF5BD37E5F419B927E55082DE5C625&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
content-length
0
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7e9c78921fa192ad-FRA
access-control-allow-headers
dianomi-force-dmp
view
securepubads.g.doubleclick.net/pcs/ Frame 409B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFRh69IjmCY9zRqZTMqr0uOzIWqbItpA5yECJ1WyGrwjeJN8xTHccgNexFhABKI-Jz9rrik-WuTwP4BTNrAHhZMtPGdfV04bymTGYLewYgdEy8OWzgVTLqRCbX7DoPzG7f5pK-EHvKMVV3OY3WHDbo1bvpJeUgPx3o5oSvrmO6F48SepkSiQvfpf3QgvEWRbrWJt2HEtIMyxk2__7lzNhQOV1GV0iUgaELsLiIjajrjmyRt5Cqr6_BDSYGBZfrJCwAkytoA8HBPkP14rJxeKF31myO5iItG_966bteXNwI5b22jfcHI_5p6IUwihafuJDLFeSl6rfUxaSUUAoeD8Zfz1tl-vY&sai=AMfl-YQMVhnacz-ew6QpwXEJNkeog1AfiYVoT9HUx8B3ha0P0pG_vhz-y3Ikb1XtB3qesMK4wS61C0AFCI6bXiPjEOO4g_Nrx_TgSWWqM75FSLCXwAEMNr5fqfoxK6JOXg&sig=Cg0ArKJSzKf3-z8U0SBrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14472/ Frame 409B
13 KB
5 KB
Script
General
Full URL
https://cdn1.opstag.com/14472/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98e541338a36c2e497153f49814cc78cdc1e05f68ae0c5444f94e2fce799e3a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"b118f8f65f63587c9a3ab59374bfc8c4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
4968
x-amz-cf-id
CqBCQIaWc8u-za-Tlr48oyBTGOX1JKZ1ItGMRDPclft8Z437reV4ZA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 409B
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:51 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame 409B
10 KB
4 KB
Script
General
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5da9fe46f9fbf29253701b381fabd70b82c36745f4a2891f1202abff2c3e2468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:43 GMT
server
AmazonS3
x-amz-request-id
8YB0363E0807VTWJ
etag
"9b5e1ad1db832e42efb58d74f236a907"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=45423
accept-ranges
bytes
content-length
3851
x-amz-id-2
MCYqpSjnV9WueeD43JCXwYedmVPp35kinjR/0O8YBEMCxLuqATnLKLad8z0yLNrTS+ubmF2HrhM=
Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame FDE8
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
1760443
cf-polished
origFmt=png, origSize=2126
content-disposition
inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
content-length
1026
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Aug 2020 14:28:40 GMT
server
cloudflare
etag
"84e-5acc31eddb600"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7e9c78928ff392ad-FRA
expires
Sun, 20 Aug 2023 02:09:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 188F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9RCH821Py8Lu625FFA-Mlruh8VlDv23Zh_y_WHJvUdFKSs99FbTW6fwaw8Cln9YeR8MhtTt1b8P6DQVuidg6_O9xroCVR1GQtWqTT2KqDE1P4dKhk6XjBFJ6-5_7CQptOrGM3CpJcY29XtiYmDiNevovz4-qHm1gY-guq2HZ7XHSb3_DJBxetgVgCkd4vvdX9w20KZb3ILbZNsZ0jyNWp0ZyhU8jpnBDQaoNwPoKOGZGXC1fSpi3fWSdarp_zGaYgRxMCxHmDY3WynsMsoJv1Fgs_BCYgPLJc_da_kbT54xUgWw92KxtWbL-jjTpH1dOysBy5kG-QTEYAVC2yfmZJVBliHIQ&sai=AMfl-YTeabsH8QC5uoZ-rcGnx6G5v9tGkgsN1tEr2dwdbrClL8Izt2IXrWYgzoT98SYuEyYi77ZRzh6bFJucIJj9ntwZA13nXL5NU0prKJWbxBb-7barb-1rN5B6Bwbklg&sig=Cg0ArKJSzArjXTZIODjUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14471/ Frame 188F
13 KB
5 KB
Script
General
Full URL
https://cdn1.opstag.com/14471/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5e77bebd8d1eaa909760194902fcc9d988a59ef53e62d3784065bdb8e37e1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:49:01 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"c94f6fe98c4ca6afa15da972f58d7ccd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
4972
x-amz-cf-id
S1MeMSjTV6PnP0SJ3YySxGjAJ53SnM3BspYOwSZJy9UgfIhRrSchyw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 188F
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:51 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame 188F
10 KB
4 KB
Script
General
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5da9fe46f9fbf29253701b381fabd70b82c36745f4a2891f1202abff2c3e2468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:43 GMT
server
AmazonS3
x-amz-request-id
8YB0363E0807VTWJ
etag
"9b5e1ad1db832e42efb58d74f236a907"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=45423
accept-ranges
bytes
content-length
3851
x-amz-id-2
MCYqpSjnV9WueeD43JCXwYedmVPp35kinjR/0O8YBEMCxLuqATnLKLad8z0yLNrTS+ubmF2HrhM=
view
securepubads.g.doubleclick.net/pcs/ Frame BA36
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvia0ktEv92MgSIF-lUCNrzgPsF6ecw9OpncnG_QSbRmDYmRsQaIx11KlbZQD6pW7wowzI88mPPoDJGvJRZKWpPDo_UxvDrLtanpbj_Dp9qgR-ACGkiFocVM8t0B5Yq_Zu5mZ0i2KrYu8ZC1Dn6TXIMXxqV5kYgSeyd_q4krGfmRiEyEfJ64qLvxhUqaPk3h81NPl64QQWcd-4NvrQO2OTUSf9Vpu0CFdf0wG66vfxqbqmTsEDDp_GymmR8-TpZUZoRkk7c_yTEEI041UgiHrddMDu2EWvZDAy6qQap921wha96BlajK-nFOWH3z44pEJ60iukzn4lSexaTr6tccMiXP_7B_cY&sai=AMfl-YSTRM6fJM7WKHKYseH395TW8X8m_4hyPefPmz4rEWQJk9M42UKpWXHCKqMoAWjRb-GDxHYdsKp7UGdfthjVLLc-_vU9fh1S4S5RziWO-el1Ui5P8BJlA_zrOSAokA&sig=Cg0ArKJSzEF_YDrSB8XGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.js
cdn1.opstag.com/14472/ Frame BA36
13 KB
5 KB
Script
General
Full URL
https://cdn1.opstag.com/14472/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98e541338a36c2e497153f49814cc78cdc1e05f68ae0c5444f94e2fce799e3a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"b118f8f65f63587c9a3ab59374bfc8c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
4968
x-amz-cf-id
axEY5rN89MRejSES2TO9PsgZPSQqmgoFgD2D_giB8jTo3R2PdybpzA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA36
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:52 GMT
moatad.js
z.moatads.com/almdfp680616975594/ Frame BA36
10 KB
4 KB
Script
General
Full URL
https://z.moatads.com/almdfp680616975594/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5da9fe46f9fbf29253701b381fabd70b82c36745f4a2891f1202abff2c3e2468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:51 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:42:43 GMT
server
AmazonS3
x-amz-request-id
8YB0363E0807VTWJ
etag
"9b5e1ad1db832e42efb58d74f236a907"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=45423
accept-ranges
bytes
content-length
3851
x-amz-id-2
MCYqpSjnV9WueeD43JCXwYedmVPp35kinjR/0O8YBEMCxLuqATnLKLad8z0yLNrTS+ubmF2HrhM=
tag.aspx
ml314.com/
31 KB
10 KB
Script
General
Full URL
https://ml314.com/tag.aspx?2062023
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 15:39:47 GMT
content-encoding
br
age
1805
x-guploader-uploadid
ADPycds6f1zyf-uczr1c_lPWb9a4lxN8SpoxOhVhye81BFGKILoZFMlierMFCn_TN1NaPp-LisM7H07XHrFE8eZEovxAlvNaf-F8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10523
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
FRA-fa985ced
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1689869389243&de=331231300028&rx=32716902750&m=0&ar=c013c52fed3-clean&iw=ac9d704&q=2&cb=0&cu=1689869389243&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&zMoatMData=1&zMoatTopic=news%2Ccybersecurityandprivacy&zMoatPS=middle&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A3196%3A3196%3A3484%3A3183&tz=middle&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=204627&na=726632333&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 20 Jul 2023 16:09:52 GMT
truncated
/ Frame 409B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e18f2fea638be1e59ddf8f752e3fcaf4b02bb2bcf31baa2b028936e9a707ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 188F
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e143c9c7d71d7e32ab13eacfb7c8f6997a4398f6b479a5e2aaf4f2096531c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BA36
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c51c1fb2ef578fc843c03578d4b32e117bcd12426594dab3050794b4cb52c0a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1689869389243&de=964132707288&rx=32716902750&m=0&ar=c013c52fed3-clean&iw=ac9d704&q=3&cb=0&cu=1689869389243&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945943&zMoatMData=1&zMoatTopic=news%2Ccybersecurityandprivacy&zMoatPS=top&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A3196%3A3196%3A3484%3A3183&tz=top&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=204627&na=1385397969&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 20 Jul 2023 16:09:52 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ALMDFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1689869389243&de=354669214114&rx=32716902750&m=0&ar=c013c52fed3-clean&iw=ac9d704&q=4&cb=0&cu=1689869389243&ll=2&lm=0&ln=0&em=0&en=0&d=5095087889%3A3110412442%3A6159049915%3A138412945796&zMoatMData=1&zMoatTopic=news%2Ccybersecurityandprivacy&zMoatPS=middle1&zMoatMMV_MAX=dataAvailable&zMoatMSafety=safe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatHT=-&zMoatWD=-&zMoatCURL=cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&id=1&ii=4&bo=21664827602&bd=21686825641&zMoatOrigSlicer1=21664827602&zMoatOrigSlicer2=21686825641&zMoatDomain=cutimes.com&zMoatSubdomain=cutimes.com&dfp=0%2C1&la=21686825641&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A3196%3A3196%3A3484%3A3183&tz=middle1&iq=dataAvailable&tt=dataAvailable&tu=1&tp=safe&fs=204627&na=1643901307&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 20 Jul 2023 16:09:52 GMT
prebid.js
cdn1.opstag.com/14471/ Frame DDDE
315 KB
96 KB
Script
General
Full URL
https://cdn1.opstag.com/14471/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed0d5720f1d865f91b1fc22098d64fc0d2d30219eec369574e0b270d98133090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:49:01 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"298c5efc2cde85955f477455c5ff3c6c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
98122
x-amz-cf-id
mjUYyHEatYOJu0xp7eobjD0Cbm1e20J6XwgMq8XiszQUgbse2FJ9_A==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame DDDE
213 KB
65 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86837437cb45ee0a15a860678eebee8320ec33b32d67c0581650b00011475335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55803
accept-ranges
bytes
content-length
65769
expires
Fri, 21 Jul 2023 07:39:55 GMT
placement.js
cdn1.opstag.com/14471/ Frame DDDE
29 KB
9 KB
Script
General
Full URL
https://cdn1.opstag.com/14471/placement.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8061c3b7dbd22029811be8c8099fbda9e9e5f72d5dd1f012d9e9793a81ef636a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:49:01 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"ffeaab25dfd06819a4d5d534693f8694"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
9094
x-amz-cf-id
xINyxGr3dF7MQGpGMtPzx-lwyBt87jY5XN6gx5c4YWMUmxx9ul7cJg==
ad
pubads.g.doubleclick.net/gampad/ Frame 188F
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14471-728x90-activefill-desktop-pixel&sz=1x1&t=&c=6142718339
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14471-728x90-activefill-desktop-pixel&sz=1x1&t=&c=6142718339&pre=1
42 B
109 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14471-728x90-activefill-desktop-pixel&sz=1x1&t=&c=6142718339&pre=1
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14471-728x90-activefill-desktop-pixel&sz=1x1&t=&c=6142718339&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid.js
cdn1.opstag.com/14472/ Frame 463C
315 KB
96 KB
Script
General
Full URL
https://cdn1.opstag.com/14472/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed0d5720f1d865f91b1fc22098d64fc0d2d30219eec369574e0b270d98133090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"298c5efc2cde85955f477455c5ff3c6c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
98122
x-amz-cf-id
c3ZVQUkwO6HrW_XFJfM7fIB6d-fvUkiaFQZu0e8Ls6NaRnfa90vILw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 463C
213 KB
65 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86837437cb45ee0a15a860678eebee8320ec33b32d67c0581650b00011475335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55803
accept-ranges
bytes
content-length
65769
expires
Fri, 21 Jul 2023 07:39:55 GMT
placement.js
cdn1.opstag.com/14472/ Frame 463C
29 KB
9 KB
Script
General
Full URL
https://cdn1.opstag.com/14472/placement.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c4542394c7e1c53ab6422a3b43e3e21fa4f15e826578e75dad977f79626a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"e55e7ac6d3869d64e3bc05e0244b2d3f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
9091
x-amz-cf-id
fANUjhq-sH0OmxVhWyvpwfJ0DybbD-M3jibWTxa7_O2LZGtAR1x6fA==
ad
pubads.g.doubleclick.net/gampad/ Frame BA36
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
42 B
209 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ad
pubads.g.doubleclick.net/gampad/ Frame 409B
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
42 B
109 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

date
Thu, 20 Jul 2023 16:09:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570,21665826759/almglobal/cutimes-14472-300x250-activefill-desktop-pixel&sz=1x1&t=&c=6141810709&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid.js
cdn1.opstag.com/14472/ Frame 74A8
315 KB
96 KB
Script
General
Full URL
https://cdn1.opstag.com/14472/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed0d5720f1d865f91b1fc22098d64fc0d2d30219eec369574e0b270d98133090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"298c5efc2cde85955f477455c5ff3c6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
98122
x-amz-cf-id
kyNp8Cu1wR02I3cuSX32EviTFz2VFBtK2j4M-jjo5-BCS7H4kUKJLQ==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 74A8
213 KB
65 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86837437cb45ee0a15a860678eebee8320ec33b32d67c0581650b00011475335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55803
accept-ranges
bytes
content-length
65769
expires
Fri, 21 Jul 2023 07:39:55 GMT
placement.js
cdn1.opstag.com/14472/ Frame 74A8
29 KB
9 KB
Script
General
Full URL
https://cdn1.opstag.com/14472/placement.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-117.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8c4542394c7e1c53ab6422a3b43e3e21fa4f15e826578e75dad977f79626a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 12:48:09 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
etag
"e55e7ac6d3869d64e3bc05e0244b2d3f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
9091
x-amz-cf-id
y3nI-JALSpwsmVChhU60U4Ujs0Js4WbIzmex9GhAj_Li7wrW2MxZkg==
gpt.js
www.googletagservices.com/tag/js/ Frame DDDE
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34ce4d461272f57a2620bf35f225e0895f0ef6e860c54a802034b85f180de5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27682
x-xss-protection
0
server
cafe
etag
652 / 19558 / 31076217 / config-hash: 18068557960631788746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:52 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 74A8
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51beda25daea162a80a3be5d182a545cf77f7ef7902defe735542562bc81d1f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27630
x-xss-protection
0
server
cafe
etag
909 / 19558 / 31076241 / config-hash: 18068557960631788746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:52 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 463C
80 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.cutimes.com
URL: https://www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/?utm_source=email&utm_medium=promo&utm_campaign=tech_hub&utm_content=072023&utm_term=cut&slreturn=20230620120946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2301e6bec15152ba3ca77686118d44652ae1762a6bff4b3f4ad2718768ad8302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27607
x-xss-protection
0
server
cafe
etag
142 / 19558 / m202307170101 / config-hash: 18068557960631788746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 16:09:52 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/ Frame DDDE
391 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/pubads_impl.js?cb=31076217
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64d89a9176baec46740ac08b00de5f127d7f25b831a6776b435f094fbcf3fa63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
6532
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127558
x-xss-protection
0
server
cafe
etag
10063239434271581716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:21:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/ Frame 463C
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
7018
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125056
x-xss-protection
0
server
cafe
etag
10096237036492005269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:12:54 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 74A8
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 05:49:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
37243
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:49:09 GMT
arj
os4m-d.openx.net/w/1.0/ Frame DDDE
73 B
377 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=51e77395-41cf-4f6c-8717-731be20cb0e4&nocache=1689869392959&schain=1.0%2C1!yieldlift.com%2C2000188%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-5392919675564-0&aucs=&auid=558254912
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ec459c1351eca0b7061b847f04a9c57c6cb7437a88dbb6fa902314d4703f3a6a

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.cutimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DDDE
138 B
814 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
56b4a5b0629700510e6ef1fcf8aac0a824cd59e3d9e7fcc605c607c33c507789
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
an-x-request-uuid
752f95b4-c36f-4b15-8a8b-73d16dc2e4e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame DDDE
94 B
731 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2265df639da4a328%22%3A%226a1df36f31edbdc3824e%7C728x90%7Cgpid%3D%2F8570%2C21665826759%2Falmglobal%2Fcutimes-14471-728x90-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&s=9ba86165-4208-4403-b701-1f9862120fab&pv=b8fc3747-17dc-4ccd-ae2c-9c1fb800871f&vp=mobile&lib_name=prebid&lib_v=6.29.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e5e077adbf730a96a27e0fdde2f3cfcb3c664d5f9d991d41d67abd17c688d5b3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:53 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-111
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame DDDE
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame DDDE
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
86553995dd6261cbc52da1039e97d5b34aec3bcbbb8faef3a5e654dc43ede934

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DDDE
283 B
340 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=451300&zone_id=2631694&size_id=2&rp_schain=1.0,1!yieldlift.com,2000188,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tk_flint=pbjs_lite_v6.29.0&x_source.tid=51e77395-41cf-4f6c-8717-731be20cb0e4&l_pb_bid_id=12cb9bc010d16f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.789198862949843
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9179042eeaea7c3c53471f9d01b94b1c9cffe93cd44b3ac3534d9ea2c132b763

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
283
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame DDDE
37 B
315 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=903731&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213876bc59b98e95%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946%22%2C%22page%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22143f14ace7c91e6%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22903731%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726713d744399c8ec303f18c9789badbbb4a19dcb64a2cd932e8f2b18c528d3c

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKp8DOjTSV%2BrJYj2pJaGPpkRSLhpK7nvjW90YvDZPGlkDUbhw5Qb6rr030XIV%2FqS7HB3DOcSi3REuvtaJZ671%2BzHxSbMY8XjqvuKpILQJu9fRLQ%2BIgxHXrQl%2BCfxYcLXbGyfPDNL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7e9c789ac9d4925c-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame DDDE
139 B
815 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14471/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f6b3a751b09b2c8a6e2ee5501dff4e11a347fc0c30f6e073ee19391b073ad642
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:52 GMT
an-x-request-uuid
b9023d28-41e8-446a-89f8-508bbb16ca3b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 188F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ9V1151SVatx9e5aciLPvZT2lmNFfGgBnSXL3G2x5RporSoXVSpcQBep6_b3_psKaOgBLgL8GbP3HZkjqTDcEkeeOYgWagQ0ReSvygPY0n370zJo7sUPmSD5GKjaI8TAoMThe64jIvZ0-v3rtee0sKxyPlTMnCDVW83tdiTir3fdITUScACt6VpYCnW4-pWLslqkqiza1xu6OZ_Znhr3bB9xuyYRfiw_mRvUWPVt26s1ECK2gmJTPkVA0m8Jsn9HFw-UtAblcmweLVgMsp5p-n9tlWncl371FFBRViMP3gsPiyvzNUyH1n85YpWq0Dsy47p5A6HPUJQG_2_yD5Nptae6jqRIJNw&sai=AMfl-YSCD6Cbjokjpp9NWF6AHCC8Uoe9rVK03FpTKcJpqsbTc-tjtkOxc6ffcke_L4dI6UuyvPg1laj3zNnnsACrXM0ONmV4Kqs_GdcD691E19bDAz_ZLSJB2tX-ssVk8Q&sig=Cg0ArKJSzLLncdJwcaN-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jul 2023 16:09:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BA36
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVqtXICIkv8hNgPwJyMDrS6yXch7dE2rBmlsvxL6i2YFzJnmC1P9hRayEu05_56j8Wgxcekj1MjVRfDJ7N5ZrWy1AyCEZd-DWNvTiwXlwVq3r0TfFfx6k3xv0-T5Udk7xSaSI69ZGVOzshHjzbIbkzMY-1scH4rBi56IZLP_7HEhyf1uroT2LvqV73pYD-VR90UoFqNCjMbrMd-6WYO9QpepE9Omguyg40fm1-Jpf8Wh9I6pzt23KwPpqTijOSsXnZ-UZuYw8U3r9XQ0IktgF6HsHbCHOBvM7ZB9LWha4QO9PWQYTBkC_jH88dUm5tkXkUgLLwBEx0fAjjMMRND5GGmNk259GNAA&sai=AMfl-YS9tYeA0ZZhhi0cVPsYdUt7K4xF5Ffm018-7N4vosltkf-5i4zbH1EscyWHdQddnLMQI0SJLMMr-NBkfgKvd2Ad061oWSBDsFcZYqa7EnEf9d5Br-aEhSIWzf2cYQ&sig=Cg0ArKJSzP7zTDd-MAqGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jul 2023 16:09:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 409B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3gsUUpX1H-wj1sOJPrVLNxHHIVLSBoMGkWSPoloyZun4Bts2cC0IEIHN6sTrZXutKsL6ePGdSl3UgcUdPz0XgkyKCpEhlNfi26CZ4Ydy_Yf9pIqXYelOn0HfKSmOqL3m5GuUuaA6_Vk8qVDQJ0tZQBiyLH4wz-VX6mdTlhe_e21nZ5afEgXqscYtsRC6gE4zn6TdYSXe58R0OdzcPwO0oOA0i2R-BOwSP-svRGua_mRASs-u1yqGCpi-f8QA7ojM9mGViwBfsQJr6-iFwpuSlS69Hm9wGFWZE0cPGZGwZOt-fbHPv4kgP3NUKlkbqmc_DhflNzhmQVrZqC7E2Tt0xhwLfgVzwFw&sai=AMfl-YRI9iYiGFvjkh701yMbD-H7Mml2qEeWP899c4YzKnh6aBe0gGxu1FHHNvTdSjx0crtELGHnhDaUXo2aKrpUTJdLhKqAF6ALdPC6LaTIZL0u3i64dhI-QibLUNHBWw&sig=Cg0ArKJSzLm99URz6Q5FEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jul 2023 16:09:53 GMT
arj
os4m-d.openx.net/w/1.0/ Frame 463C
73 B
136 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7e3f5311-934b-44a0-8a1c-63acbd584844&nocache=1689869393042&schain=1.0%2C1!yieldlift.com%2C2000188%2C1%2C%2C%2C&aus=300x250&divids=div-gpt-ad-2006157360151-0&aucs=&auid=558254913
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
87e9242afb62e5946ce6f3355770898c9278122b993a8e73b661a666820f3387

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.cutimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 463C
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 463C
19 B
695 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
an-x-request-uuid
48ddc5cf-d3c5-4eb4-b33f-67d1b589eb34
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 463C
36 B
315 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=903732&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227ffc89b07c5fdd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946%22%2C%22page%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228d89f4c3d9485e%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22903732%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1566c21afedfa7686b7b787fa5bd7b2ab98c67152f84c39707b3f6e95d7c78d6

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f%2FcLQqc%2F9CpFgtwEu7f9SFaM25C94YT4TwR5qFMIqr%2FZBgvXhdT%2Fxq1R7Xy4Vd0s1CvYwNVU06ZmgPngoL1UuG%2FXQeoXfk7LVE8D1wdcgsQ6KvFUuP8h2UX4Na1bWV7RTWISekW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7e9c789ac9d5925c-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
trinity.json
apex.go.sonobi.com/ Frame 463C
95 B
730 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210c0b6e2a4d3be7%22%3A%22e5e931910fba9af9d55a%7C300x250%7Cgpid%3D%2F8570%2C21665826759%2Falmglobal%2Fcutimes-14472-300x250-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&s=dd174afb-03c7-442e-bc57-8f098215fb39&pv=a5ce8603-d1bf-4dae-ba48-c856fa0afed7&vp=mobile&lib_name=prebid&lib_v=6.29.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7cf480e675d2962390038351204d151f6ce63bbd38765a2be9ca78784b724876
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:53 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-53
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 463C
284 B
341 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=451300&zone_id=2631696&size_id=15&rp_schain=1.0,1!yieldlift.com,2000188,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tk_flint=pbjs_lite_v6.29.0&x_source.tid=7e3f5311-934b-44a0-8a1c-63acbd584844&l_pb_bid_id=122552659b64bc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7226013594204588
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98e7b62fa5d1ae58c3f38318347efd4f69fa3a7ac604476eb8f57f9e0913fed7

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
284
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 463C
19 B
695 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
an-x-request-uuid
5718d795-829b-4c3d-9564-464f0d2cb2d8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 463C
23 B
401 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
5998878d24c6c084550c459e25d85028d118d4e7cd84b769be646a7a8ad82de3

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
arj
os4m-d.openx.net/w/1.0/ Frame 74A8
73 B
148 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7135298d-9711-4557-ac2f-efd4ae1090c1&nocache=1689869393060&schain=1.0%2C1!yieldlift.com%2C2000188%2C1%2C%2C%2C&aus=300x250&divids=div-gpt-ad-2006157360151-0&aucs=&auid=558254913
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2925550a51eae030b3069b8410919caa8500e69a5f4961649c78067dda69946a

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.cutimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 74A8
24 B
402 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
7c741139b4e06d15d2f3bbaea4a8d6623c7edec5d7e306e9ffb1ad2cee6cbb70

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jul 2023 16:09:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cutimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ Frame 74A8
138 B
814 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8ef4ffd28bbef26a5455584534f2beec57e14343a2cfa3e8c0b7bf393a2424ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
an-x-request-uuid
345b1a82-bfc0-4f44-8508-a9e627d302ae
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 74A8
93 B
728 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228eb0e96a4a138%22%3A%22e5e931910fba9af9d55a%7C300x250%7Cgpid%3D%2F8570%2C21665826759%2Falmglobal%2Fcutimes-14472-300x250-activefill-desktop%22%7D&ref=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&s=3b0c2e5e-48f2-4336-a433-4b6a5ab00fbc&pv=7e8e9f5a-2bb8-47f6-a578-ecaea3e0170e&vp=mobile&lib_name=prebid&lib_v=6.29.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
955ae079b0a4b9e5168f9ea794381bb60391bf54b162aed52f85ce96ce4ec244
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:53 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-84
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.cutimes.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
118
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 74A8
139 B
815 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
11faaa20389cc5188dc4d59c7eabb18f809fc1a6230ce3be51749895efad468b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
an-x-request-uuid
8934de7e-4bb4-47ed-b7a6-f9e254ddbeab
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 74A8
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.cutimes.com
date
Thu, 20 Jul 2023 16:09:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 74A8
37 B
548 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=903732&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213e113553519177%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946%22%2C%22page%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221491b72ca9af8b7%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22903732%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000188%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bffbca252f00b3402ae576430883985a5c86c3e17f94a6996c4d1b16793e8792

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFZAdyp5Jy4u63R5gISdboig11Td4h5NVL%2FTJfy8OC6ALTJknvCZ76E%2B6e071pj4yB9AT34I%2B0%2F3RV6jMhFLDWIye8dvMzfEmOFDZLgluyVLeinng4i2ut8DXjuWG4EvK8aTI0KV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7e9c789ac9d8925c-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 74A8
284 B
318 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=451300&zone_id=2631696&size_id=15&rp_schain=1.0,1!yieldlift.com,2000188,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&tk_flint=pbjs_lite_v6.29.0&x_source.tid=7135298d-9711-4557-ac2f-efd4ae1090c1&l_pb_bid_id=164184a580c1323&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7491859663687213
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/14472/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ac28e3b30b27c8570a18b744c9cf43959f74e06855f8a648a43b2899e2d3d92

Request headers

Referer
https://www.cutimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
284
expires
Wed, 17 Sep 1975 21:32:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame DDDE
737 B
461 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=629121407823842&correlator=1501287167694909&eid=31076217&output=ldjh&gdfp_req=1&vrg=202307170201&ptt=17&impl=fifs&iu_parts=8570%3A21665826759%2Calmglobal%2Ccutimes-14471-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=1742448900&sfv=1-0-40&prev_scp=rfsh%3D1%26rfshtime%3D12&eri=1&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869393517&lmt=1689869393&dlt=1689869392314&idt=586&adxs=436&adys=230&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=hyrp3q99szio&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&ref=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&top=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=23&vis=1&psz=728x-1&msz=728x-1&fws=260&ohw=728&ea=0&ga_vid=731952971.1689869394&ga_sid=1689869394&ga_hid=1426677850&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/pubads_impl.js?cb=31076217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab9dd04acccfad0367f35c2acd1e63eb33b8c17397bd2ca70374fef4e9ca6dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
425
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DDDE
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307170201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/pubads_impl.js?cb=31076217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ee23c94021b4e1fe2870c04559806b4c606de49132c878c9e34505099ca4440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11699
x-xss-protection
0
container.html
e6ebb7e258825b4bda868db5197ab18e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F2B
6 KB
3 KB
Document
General
Full URL
https://e6ebb7e258825b4bda868db5197ab18e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/pubads_impl.js?cb=31076217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:53 GMT
expires
Fri, 19 Jul 2024 16:09:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 463C
739 B
465 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4250476753308843&correlator=124677581110183&eid=31068825&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fifs&iu_parts=8570%3A21665826759%2Calmglobal%2Ccutimes-14472-300x250-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3948559212&sfv=1-0-40&prev_scp=rfsh%3D1%26rfshtime%3D12&eri=1&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869393577&lmt=1689869393&dlt=1689869392326&idt=667&adxs=1077&adys=1337&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=lwcooxkgptvw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&ref=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&top=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=511880684.1689869394&ga_sid=1689869394&ga_hid=117024582&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06a918a35d888ba01e93f06e82aa5fb7ec5470be10fa3d91ce47bfd8729ebb3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
428
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 463C
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
120a739b89b9829c18afdd7894c4ed7a38fd438ee9d85805f7af62e2fa4c572c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11871
x-xss-protection
0
container.html
1815ea41301e49d959f8d6ac0afebb7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F06C
6 KB
3 KB
Document
General
Full URL
https://1815ea41301e49d959f8d6ac0afebb7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:53 GMT
expires
Fri, 19 Jul 2024 16:09:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 74A8
739 B
463 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1660083503474393&correlator=932407906812211&eid=31076241&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=8570%3A21665826759%2Calmglobal%2Ccutimes-14472-300x250-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3948559212&sfv=1-0-40&prev_scp=rfsh%3D1%26rfshtime%3D12&eri=1&sc=1&cookie=ID%3D09a95276017d19f6%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_Mb0gc47BYB1SyOM1QoffuHSXUZ8Pw&gpic=UID%3D00000c40418a0859%3AT%3D1689869390%3ART%3D1689869390%3AS%3DALNI_MbHAfE0GaPSONx4KYvGdQCCucwtLQ&abxe=1&dt=1689869393608&lmt=1689869393&adxs=1077&adys=1057&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=wqmhbl4q2jqi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&ref=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&top=https%3A%2F%2Fwww.cutimes.com%2F2023%2F07%2F11%2Fphishing-attack-exposes-personal-info-for-14754-nihfcu-members%2F%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=1878111432.1689869394&ga_sid=1689869394&ga_hid=241764356&ga_fc=false&dlt=1689869392334&idt=674
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5263397d672ca3baa8ac5015a0e379a2c8af2f01f048d15fcf30f324f7981e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
426
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.cutimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 74A8
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ddc1495b0a083bf72eb197872f92e89da92fe9c8730c2448fdbbe20a6d9e46e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11772
x-xss-protection
0
container.html
e1ee4f2a595710a36d642307efb886f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E275
6 KB
3 KB
Document
General
Full URL
https://e1ee4f2a595710a36d642307efb886f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:53 GMT
expires
Fri, 19 Jul 2024 16:09:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DDDE
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170201/pubads_impl.js?cb=31076217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jul 2023 16:09:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 463C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jul 2023 16:09:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 74A8
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jul 2023 16:09:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E00
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 12:03:57 GMT
expires
Fri, 19 Jul 2024 12:03:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D26D
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e534ffffe9e4fd25e4b309f2236a931739fca808d1aa5cdee2c0e1482172cb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r8JgomROnUmXtYKOLZk-Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-r8JgomROnUmXtYKOLZk-Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:53 GMT
expires
Thu, 20 Jul 2023 16:09:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1AC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 12:03:57 GMT
expires
Fri, 19 Jul 2024 12:03:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9946
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
592cea791c26b7b9a0062123378c6e92ae6ed9ef65146d7cc61e1c1ae29f96c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bvS4QS5kf6TfFOzjcTaeUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-bvS4QS5kf6TfFOzjcTaeUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:53 GMT
expires
Thu, 20 Jul 2023 16:09:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E455
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 12:03:57 GMT
expires
Fri, 19 Jul 2024 12:03:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0A34
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f849aabd3c1386b9fb2f0c8c0d3123b285d06c36d1a305d4d1922dc807562833
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cQScMLfyp9PSZHFpPm8SrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-cQScMLfyp9PSZHFpPm8SrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:53 GMT
expires
Thu, 20 Jul 2023 16:09:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame D26D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307170201&jk=629121407823842&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 9E00
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 13:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jul 2024 13:49:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0A34
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=1660083503474393&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 9946
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307170101&jk=4250476753308843&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame D1AC
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 13:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jul 2024 13:49:37 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame E455
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 13:49:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
8416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Jul 2024 13:49:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 188F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQuBxzcFYl7c1EOMMj9vIAys_84gBQN8OcLSHvp8wEtwZ7vKAIb89Tyfs4RaWAcH9dPinmzre7Y0awlRjUbOUSh4iZYa89LBrS3TmBoNUJ_e2gF5YN&sig=Cg0ArKJSzIEi1_hKVlh3EAE&id=lidar2&mcvt=1000&p=230,436,320,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=16371981&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689869391842&rpt=1138&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 409B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBG58KrPTK3yVqncr8bQnURWPE4Yz8nA_lNB4eQV128kfnX5tBcuRYEgMFSyutHHD5CUpuQsJp_YAoqQ9rNQoMD0CQBoAtrS1FgxYaal5cxE4Xu_Nv&sig=Cg0ArKJSzKd3NlVdu6rjEAE&id=lidar2&mcvt=1033&p=1057,1077,1307,1377&mtos=0,0,1033,1033,1033&tos=0,0,1033,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=0.57&vu=1&app=0&itpl=19&adk=521319232&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689869391728&rpt=1302&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 9E00
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?E8ED_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D1AC
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?FG_Fdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame E455
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?exW9ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
checksync.php
contextual.media.net/ Frame 0B1E
24 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C238%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c4076b7e14dbc1a77827d1296c8572fb0f13d7a400472ff61b44ddf282c28db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8473
content-type
text/html; charset=UTF-8
date
Thu, 20 Jul 2023 16:09:54 GMT
expires
Sat, 22 Jul 2023 16:09:54 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B382
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=149639
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 20 Jul 2023 16:09:54 GMT
expires
Sat, 22 Jul 2023 09:43:53 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame C215
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 20 Jul 2023 16:09:54 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2AE4
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 20 Jul 2023 16:09:54 GMT
ETag
"623de86a-cf34"
Expires
Fri, 21 Jul 2023 16:09:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 90DB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1689869390924
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 0642
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 20 Jul 2023 16:09:53 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 7F87
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jul 2023 16:09:54 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
yourbow-d.openx.net/w/1.0/ Frame 39FB
0
82 B
Document
General
Full URL
https://yourbow-d.openx.net/w/1.0/pd
Requested by
Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2023-07-20-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cutimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 20 Jul 2023 16:09:54 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
PugMaster
image6.pubmatic.com/AdServer/ Frame B382
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28227999&p=158370&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
084ce171e51c32dfff4b28ae1705a3876a69950c458261f583ed39397b931838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 20 Jul 2023 16:09:54 GMT
content-length
1788
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 7F87
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0fc7962f285b6381104adb0353507a266c7874b28ad22dd2f7085c762911fcdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 16:09:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jul 2023 21:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17823
Connection
keep-alive
Content-Length
10114
Expires
Thu, 20 Jul 2023 21:06:57 GMT
async_usersync
ib.adnxs.com/ Frame 2AE4
0
594 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
an-x-request-uuid
03d71081-781d-4ae9-8071-b5a75ad2c135
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1043
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687996999021008493
42 B
274 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687996999021008493
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 20 Jul 2023 16:09:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=687996999021008493
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 16EB
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 20 Jul 2023 16:09:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jul 2023 16:09:54 GMT
expires
Thu, 20 Jul 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
691458
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B382
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQKTljA8SYW9TEo-615igw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:54 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=149639
accept-ranges
bytes
content-length
5606
expires
Sat, 22 Jul 2023 09:43:53 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B382
49 B
266 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=05029396-303C-4985-BD4C-4A3EEB5E6283&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.215.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-215-196.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.136
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame B382
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=785314841
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=05029396-303C-4985-BD4C-4A3EEB5E6283
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=05029396-303C-4985-BD4C-4A3EEB5E6283
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
via
1.1 google
last-modified
Thu, 20 Jul 2023 16:09:54 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=05029396-303C-4985-BD4C-4A3EEB5E6283
date
Thu, 20 Jul 2023 16:09:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame B382
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=05029396-303C-4985-BD4C-4A3EEB5E6283
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDQydlZhSkdPVjVTMm1MbGlGSTF2b2l5Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6587855707529586187&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
HTTP/1.1
Server
52.206.89.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-89-97.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date
Thu, 20 Jul 2023 16:09:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 20 Jul 2023 16:09:55 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame B382
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDUwMjkzOTYtMzAzQy00OTg1LUJENEMtNEEzRUVCNUU2Mjgz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 20 Jul 2023 16:09:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B382
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGqds2SIqNn4fLIUu8KSGKI&google_cver=1
42 B
530 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGqds2SIqNn4fLIUu8KSGKI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 20 Jul 2023 16:09:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGqds2SIqNn4fLIUu8KSGKI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B382
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 19 Jul 2023 16:09:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B382
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6587855707529586187
42 B
324 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6587855707529586187
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 20 Jul 2023 16:09:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6587855707529586187
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 7F87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHnRnLFgluelEKlPCo8D4HU&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHnRnLFgluelEKlPCo8D4HU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHnRnLFgluelEKlPCo8D4HU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI4ZGQ3MDhmZmI5NDUwYTI3OWZhOTRmMWY0MGI4MzAxZWJiYzg0Mg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI4ZGQ3MDhmZmI5NDUwYTI3OWZhOTRmMWY0MGI4MzAxZWJiYzg0Mg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI4ZGQ3MDhmZmI5NDUwYTI3OWZhOTRmMWY0MGI4MzAxZWJiYzg0Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7F87
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 7F87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBCLQW1-20-HDXC
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBCLQW1-20-HDXC
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:09:54 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F8A1B6D560A8420D83A444C52F452D21 Ref B: DUS30EDGE0715 Ref C: 2023-07-20T16:09:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYA7WEAtorxpHq0J6k+uQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKBCLQW1-20-HDXC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7F87
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=26vejRDcSXe2zSozGIa66A&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=26vejRDcSXe2zSozGIa66A
43 B
720 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=26vejRDcSXe2zSozGIa66A
Protocol
HTTP/1.1
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GHCCMSHDX1YY1PE760R0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=26vejRDcSXe2zSozGIa66A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7F87
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jt1WjVOAQyalK17qBERklQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jt1WjVOAQyalK17qBERklQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jt1WjVOAQyalK17qBERklQ
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jul 2023 16:09:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6KNPEGH0AWHN1MVBKGTZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jt1WjVOAQyalK17qBERklQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7F87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtCQ0xRVzEtMjAtSERYQw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBXBuJW_ctC3Jq3pLnKbMP8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCQ0xRVzEtMjAtSERYQw==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCQ0xRVzEtMjAtSERYQw==&google_push=
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtCQ0xRVzEtMjAtSERYQw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7F87
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ghTLj80UsXsRPAv4PRwpnMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hOGqICRE2oK8cSLTG7lPm22jd1.7.TFbHZ176g--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hOGqICRE2oK8cSLTG7lPm22jd1.7.TFbHZ176g--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 20 Jul 2023 16:09:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-hOGqICRE2oK8cSLTG7lPm22jd1.7.TFbHZ176g--~A
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 74A8
0
0
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame DDDE
0
0
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 463C
0
0
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cutimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

async_usersync
ib.adnxs.com/ Frame 2AE4
0
594 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jul 2023 16:09:55 GMT
an-x-request-uuid
9ba1832e-627a-41fe-959d-c6eb737599b9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.104; 80.255.7.104; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
users.api.jeeng.com
URL
https://users.api.jeeng.com/users/domains/5LgKJnVMkL/sdk/


242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


91 Cookies


6 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/423396.gif?partner_uid=1486297697844927826
Message:
Failed to load resource: the server responded with a status of 451 ()
security error URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=(Line 54)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security error URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=(Line 57)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security error URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=(Line 49)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security error URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/2023/07/11/phishing-attack-exposes-personal-info-for-14754-nihfcu-members/%3Futm_source%3Demail%26utm_medium%3Dpromo%26utm_campaign%3Dtech_hub%26utm_content%3D072023%26utm_term%3Dcut%26slreturn%3D20230620120946&can_serve_ads=true&can_cookie=false&gdpr_consent=(Line 52)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=05029396-303C-4985-BD4C-4A3EEB5E6283&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
