www.cutimes.com Open in urlscan Pro
2606:4700::6812:3b7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://linkmktg.cutimes.com/
Effective URL:
https://www.cutimes.com/?slreturn=20240008113432
Submission: On January 08 via manual (January 8th 2024, 4:34:48 pm UTC) from US — Scanned from DE

Summary HTTP 384 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 90 IPs in 8 countries across 73 domains to perform 384 HTTP transactions. The main IP is 2606:4700::6812:3b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cutimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2023. Valid for: a year.

This is the only time www.cutimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.20.71.201 107.20.71.201	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6812:2b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 57	2606:4700::68... 2606:4700::6812:3b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	192.226.84.37 192.226.84.37	16524 (METTEL) (METTEL)
10	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
3	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:710... 2a02:26f0:7100::1720:ef1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6812:c5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.141.151 35.244.141.151	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	13.249.8.8 13.249.8.8	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20c... 2600:9000:20c3:5200:1e:5cef:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:26d... 2600:9000:26db:ac00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
24	172.64.146.151 172.64.146.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.36.90 108.138.36.90	16509 (AMAZON-02) (AMAZON-02)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.238.243.122 18.238.243.122	16509 (AMAZON-02) (AMAZON-02)
2 5	52.50.241.158 52.50.241.158	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
2 21	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.44.115.142 52.44.115.142	14618 (AMAZON-AES) (AMAZON-AES)
4	2.23.78.67 2.23.78.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.239.18.12 18.239.18.12	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2646:1600:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100::1720:ef23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	63.140.62.164 63.140.62.164	15224 (OMNITURE) (OMNITURE)
1 1	52.213.250.206 52.213.250.206	16509 (AMAZON-02) (AMAZON-02)
1 2	54.246.43.192 54.246.43.192	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	3.233.0.138 3.233.0.138	14618 (AMAZON-AES) (AMAZON-AES)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
8	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.250.5.176 34.250.5.176	16509 (AMAZON-02) (AMAZON-02)
8	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
8	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
15	35.157.26.8 35.157.26.8	16509 (AMAZON-02) (AMAZON-02)
2 10	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
8	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
9	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
15	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	88.221.124.22 88.221.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700:10:... 2606:4700:10::ac43:28ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	88.221.125.233 88.221.125.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f602:8bd3:480b:a39:d536	14618 (AMAZON-AES) (AMAZON-AES)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 1	52.17.110.172 52.17.110.172	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.246.208.24 54.246.208.24	16509 (AMAZON-02) (AMAZON-02)
1	168.119.72.236 168.119.72.236	24940 (HETZNER-AS) (HETZNER-AS)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	34.230.166.102 34.230.166.102	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.255.53.47 34.255.53.47	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.58.206.230 52.58.206.230	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
384	90

1 107.20.71.201 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-71-201.compute-1.amazonaws.com

linkmktg.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:2b7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2606:4700::6812:3b7 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.cutimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.226.84.37 (Westwood, United States) 1 redirects

ASN16524 (METTEL, US)

store.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

owlcarousel2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::1720:ef1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c5a (United States)

ASN13335 (CLOUDFLARENET, US)

imageserver.amlaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.141.151 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 151.141.244.35.bc.googleusercontent.com

cdn.yourbow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.8.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-8-8.cdg53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20c3:5200:1e:5cef:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:26db:ac00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.64.146.151 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-90.muc50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-122.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.50.241.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-241-158.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.180.130.159 (Lincolnshire, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

cdp.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.115.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-115-142.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-12.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:1600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::1720:ef23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.164 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-164.data.adobedc.net

b.law.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.250.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-250-206.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.43.192 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.0.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-0-138.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.250.5.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.157.26.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 193.3.178.4 (United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

go.alm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.124.22 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:28ad (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

yourbow-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.125.233 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-125-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f602:8bd3:480b:a39:d536 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.110.172 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-110-172.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.208.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-24.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.166.102 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-166-102.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.53.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-53-47.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.206.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-206-230.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	cutimes.com 5 redirects linkmktg.cutimes.com cutimes.com www.cutimes.com store.cutimes.com images.cutimes.com	756 KB
24	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 16336 data.dianomi.com — Cisco Umbrella Rank: 20251	114 KB
22	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 acdn.adnxs.com — Cisco Umbrella Rank: 957	64 KB
19	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 791 eus.rubiconproject.com — Cisco Umbrella Rank: 951 pixel.rubiconproject.com — Cisco Umbrella Rank: 620 token.rubiconproject.com — Cisco Umbrella Rank: 744	22 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	172 KB
15	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2047	5 KB
15	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1894	2 KB
14	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 4422 mwzeom.zeotap.com — Cisco Umbrella Rank: 4630	5 KB
14	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923	81 KB
12	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1316	87 KB
11	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766 ads.pubmatic.com — Cisco Umbrella Rank: 811 image6.pubmatic.com — Cisco Umbrella Rank: 1215	7 KB
11	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867	9 KB
11	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	222 KB
10	e-planning.net 2 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 9612	6 KB
9	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	2 KB
9	openx.net rtb.openx.net — Cisco Umbrella Rank: 1007 yourbow-d.openx.net — Cisco Umbrella Rank: 191164	1 KB
9	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1105	3 KB
9	media.net prebid.media.net — Cisco Umbrella Rank: 1682 contextual.media.net — Cisco Umbrella Rank: 1093	44 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	42 KB
8	lijit.com ap.lijit.com — Cisco Umbrella Rank: 998	2 KB
7	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 68539 oqs.omeda.com — Cisco Umbrella Rank: 69439 cdp.omeda.com — Cisco Umbrella Rank: 67595	74 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778 www.linkedin.com — Cisco Umbrella Rank: 944 px4.ads.linkedin.com — Cisco Umbrella Rank: 7294	5 KB
5	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 313 alm.demdex.net — Cisco Umbrella Rank: 525310	6 KB
5	moatads.com z.moatads.com — Cisco Umbrella Rank: 986 mb.moatads.com — Cisco Umbrella Rank: 1087	183 KB
5	law.com 1 redirects store.law.com — Cisco Umbrella Rank: 358012 b.law.com — Cisco Umbrella Rank: 436857	8 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	2 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	106 KB
4	gstatic.com fonts.gstatic.com	160 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	54 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 1173 usermatch.krxd.net — Cisco Umbrella Rank: 3030	942 B
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	13 KB
3	ml314.com vi.ml314.com — Cisco Umbrella Rank: 13617 ml314.com — Cisco Umbrella Rank: 3210	11 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 89834 a.dpmsrv.com — Cisco Umbrella Rank: 71784	32 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 fonts.googleapis.com — Cisco Umbrella Rank: 115	9 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	566 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 31924	910 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	62 KB
2	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 1969 sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	1005 B
2	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 23802	16 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 12877	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
2	alm.com geoip.alm.com — Cisco Umbrella Rank: 494564 go.alm.com — Cisco Umbrella Rank: 539978	1 KB
2	amlaw.com imageserver.amlaw.com — Cisco Umbrella Rank: 271298	69 KB
2	github.io owlcarousel2.github.io — Cisco Umbrella Rank: 161712	2 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1348	693 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	146 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 68882	214 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2667	60 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 2126	204 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 973	526 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 17533	84 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052	596 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 11200	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 19429	460 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 960	203 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	149 B
1	adform.net dmp.adform.net — Cisco Umbrella Rank: 4001	454 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 4002	455 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 764	98 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1200	396 B
1	t.co t.co — Cisco Umbrella Rank: 751	378 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1643	201 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4184	463 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1184	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	72 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1877	15 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2311	15 KB
1	yourbow.com cdn.yourbow.com — Cisco Umbrella Rank: 131049	411 KB
0	bemail.it Failed bn01.er.bemail.it Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
384	73

	Domain	Requested by
36	www.cutimes.com	2 redirects www.cutimes.com cdnjs.cloudflare.com
22	www.dianomi.com	www.cutimes.com www.dianomi.com
21	ib.adnxs.com	2 redirects cdn.yourbow.com spl.zeotap.com acdn.adnxs.com
20	images.cutimes.com	www.cutimes.com
16	securepubads.g.doubleclick.net	olytics.omeda.com tags.tiqcdn.com securepubads.g.doubleclick.net
15	prg.smartadserver.com	cdn.yourbow.com
15	btlr.sharethrough.com	cdn.yourbow.com
15	fastlane.rubiconproject.com	cdn.yourbow.com
12	mwzeom.zeotap.com	spl.zeotap.com
12	tags.tiqcdn.com	www.cutimes.com tags.tiqcdn.com
10	pbjs.e-planning.net	2 redirects cdn.yourbow.com
10	use.typekit.net	www.cutimes.com use.typekit.net
9	prebid.a-mo.net	cdn.yourbow.com
9	onetag-sys.com	cdn.yourbow.com
8	rtb.openx.net	cdn.yourbow.com
8	hbopenbid.pubmatic.com	cdn.yourbow.com
8	bidder.criteo.com	cdn.yourbow.com
8	ap.lijit.com	cdn.yourbow.com
8	prebid.media.net	cdn.yourbow.com
8	aax.amazon-adsystem.com	c.amazon-adsystem.com
5	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	secure.cdn.fastclick.net	www.cutimes.com secure.cdn.fastclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	dpm.demdex.net	2 redirects
4	cdnjs.cloudflare.com	www.cutimes.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdp.omeda.com	olytics.omeda.com
3	c.amazon-adsystem.com	cdn.yourbow.com c.amazon-adsystem.com
3	z.moatads.com	www.cutimes.com z.moatads.com
3	store.law.com	1 redirects www.cutimes.com
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	beacon.krxd.net	spl.zeotap.com
2	idsync.frontend.weborama.fr	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	eus.rubiconproject.com	cdn.yourbow.com eus.rubiconproject.com
2	spl.zeotap.com	cdn.yourbow.com spl.zeotap.com
2	data.dianomi.com	www.dianomi.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.yourbow.com static.criteo.net
2	www.google.com	tpc.googlesyndication.com
2	cm.g.doubleclick.net	1 redirects spl.zeotap.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	b.law.com	tags.tiqcdn.com
2	clientcdn.pushengage.com	tags.tiqcdn.com clientcdn.pushengage.com
2	pi.pardot.com	tags.tiqcdn.com pi.pardot.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	ml314.com	tags.tiqcdn.com ml314.com
2	a.dpmsrv.com
2	oqs.omeda.com	olytics.omeda.com
2	olytics.omeda.com	www.cutimes.com tags.tiqcdn.com
2	mb.moatads.com	z.moatads.com
2	fonts.googleapis.com	www.cutimes.com ajax.googleapis.com
2	imageserver.amlaw.com	www.cutimes.com
2	owlcarousel2.github.io	www.cutimes.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cms.quantserve.com	1 redirects
1	x.bidswitch.net	spl.zeotap.com
1	pixel.rubiconproject.com	1 redirects
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	match.adsrvr.org	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	yourbow-d.openx.net	cdn.yourbow.com
1	acdn.adnxs.com	cdn.yourbow.com
1	ads.pubmatic.com	cdn.yourbow.com
1	contextual.media.net	cdn.yourbow.com
1	mug.criteo.com
1	go.alm.com	pi.pardot.com
1	www.facebook.com
1	www.google.de
1	idsync.rlcdn.com
1	analytics.twitter.com
1	t.co
1	e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	ping.chartbeat.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	cm.everesttech.net	1 redirects
1	alm.demdex.net	tags.tiqcdn.com
1	static.ads-twitter.com	tags.tiqcdn.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	snap.licdn.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	tags.crwdcntrl.net	www.cutimes.com
1	geoip.alm.com	cdnjs.cloudflare.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	vi.ml314.com	www.cutimes.com
1	s.dpmsrv.com	www.cutimes.com
1	ajax.googleapis.com	www.cutimes.com
1	cdn.yourbow.com	www.cutimes.com
1	p.typekit.net	use.typekit.net
1	store.cutimes.com	1 redirects
1	cutimes.com	1 redirects
1	linkmktg.cutimes.com	1 redirects
0	bn01.er.bemail.it Failed	spl.zeotap.com
0	sync.tidaltv.com Failed	spl.zeotap.com
384	112

This site contains links to these domains. Also see Links.

Domain
www.alm.com
www.facebook.com
twitter.com
www.linkedin.com
store.law.com
event.cutimes.com
cutimes.tradepub.com

Subject Issuer	Validity	Valid
cutimes.com Cloudflare Inc ECC CA-3	`2023-04-21` - `2024-04-20`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
amlaw.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.law.com Go Daddy Secure Certificate Authority - G2	`2023-03-09` - `2024-04-09`	a year	crt.sh
cdn.yourbow.com GTS CA 1D4	`2023-12-18` - `2024-03-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2023-06-18` - `2024-06-23`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
vi.ml314.com GTS CA 1D4	`2023-11-30` - `2024-02-28`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.alm.com Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-11-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-17` - `2024-01-15`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-07-23`	a year	crt.sh
*.pushengage.com AlphaSSL CA - SHA256 - G4	`2023-02-07` - `2024-03-10`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
b.law.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-12` - `2024-10-12`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.e-planning.net R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
go.alm.com R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.v.fwmrm.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-12-13`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
dmp.theadex.com R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.cutimes.com/?slreturn=20240008113432
Frame ID: 729CB07C3D4C79D382C9AA10BB8ED1BF
Requests: 302 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: D18D2753967F19E50C7C3D2FA8C9D356
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
Frame ID: 5E0D99BB9F2ADE4E438D9FEE912B9F2C
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
Frame ID: 628BFFD645974AF1918BB5BD1188DEC2
Requests: 12 HTTP requests in this frame

Frame: https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: D78D5B31012BE86CE6E3A6E278C4D305
Requests: 2 HTTP requests in this frame

Frame: https://alm.demdex.net/dest5.html?d_nsid=0
Frame ID: 1176083025E8EAF90648D4834AEF385B
Requests: 1 HTTP requests in this frame

Frame: https://e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4B1128986A73199FB686DC43F81E63F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58160CF683903ECD3AE5B550FF1F8C5C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90DD0441320D9F65FD162E2E69F5EF45
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cutimes.com
Frame ID: B8FF113A4DD04C276A0F8B26E8D20445
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C237%2C238%2C338%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C2043%2C3011%2C182%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C126%2C203%2C10000%2C108%2C9%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: CAB9B286D1CCAEA00A81A673593FF2DF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: AF188672BBF11BD1264BC91AEDC47520
Requests: 33 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Frame ID: B3FB279DA38C170B3B3415756E362EAB
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 3355D28C86860348C07747048ECA998C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1704731679745
Frame ID: DD3126DCC3E2F823D84E41ADC4078D08
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC349F2B777132370D2E2BA0BD51B49B
Requests: 3 HTTP requests in this frame

Frame: https://yourbow-d.openx.net/w/1.0/pd
Frame ID: C751B0CFE679206D6C34C9301CB8B31D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79443A93CA626DC8C9457720875C26A9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Credit Union Times | Accurate and Timely CU News | Credit Union Times

Page URL History Show full URLs

http://linkmktg.cutimes.com/ HTTP 302
http://cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https... HTTP 302
https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=2c5c9656-81af-4665-bbd0-e1b158ff481d... HTTP 302
https://www.cutimes.com/?slreturn=20240008113432 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

384
Requests

93 %
HTTPS

35 %
IPv6

73
Domains

112
Subdomains

90
IPs

8
Countries

3072 kB
Transfer

6382 kB
Size

80
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alm.com/privacy-policy-new/#section5
Title: Click

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Credit-Union-Times/95378106084

Search URL Search Domain Scan URL

URL: https://twitter.com/CU_Times

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/3821859/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Login.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F
Title: Register

Search URL Search Domain Scan URL

URL: https://event.cutimes.com/cutimes-luminaries-awards/
Title: Event Site

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/Newsletters.aspx?promoCode=CUT&intcmp=source_website_medium_header_campaign_newsletterpagenewux2023_content_navlink_term_cut
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.alm.com/terms-of-use-summit/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.alm.com/privacy-summit/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.alm.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/Registration/MyAccount.aspx?promoCode=CUT#/EmailPref
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alaa32/prgm.cgi
Title: The Evolution and Opportunities of EBPP for Credit Unions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel18/prgm.cgi
Title: More and Better: 2024 Risk Management Strategies for Automotive Lenders

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel17/prgm.cgi
Title: Near and Non-Prime Automotive Consumer Update

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa40/prgm.cgi
Title: 24% of Consumers Would Choose Local FIs for Credit Card

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_fisx10/prgm.cgi
Title: What Measures Can Be Taken to Shield Your Financial Institution From Market Disruptions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa5498/prgm.cgi
Title: Maximizing Credit Union Revenue through Strategic Loan Participations

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alog16/prgm.cgi
Title: Modernize Legacy Back Office Processing With Continuously Maintained Solutions

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_upst20/prgm.cgi
Title: How Vantage West is Optimizing Its Portfolio To Withstand Economic Cycles

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel15/prgm.cgi
Title: Ready for AI? Why Credit Unions Should Consider a Nuanced Approach

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_upst19/prgm.cgi
Title: Gaining New Members & Cross-Selling Opportunities with the Upstart Referral Network

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_fisx09/prgm.cgi
Title: Advance Your Members' Experience

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel12/prgm.cgi
Title: Rising Rejection Rates Cost Lenders and Borrowers

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_alog15/prgm.cgi
Title: The Proof Is in the Real-Time Access to Data: Tackling Fraud, and Making Personalized and Consistent Member Experiences a Reality

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_opel11/prgm.cgi
Title: 5 Questions to Ask When Choosing an Auto Lending Enablement Solution

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa38/prgm.cgi
Title: Credit Card Programs: Does the value outweigh the risk?

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa33/prgm.cgi
Title: Credit Card Strategy in a Rising Rate Environment

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa30/prgm.cgi
Title: The Credit Card Pull: How to Attract the Next Generation of Members

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa36/prgm.cgi
Title: Q1 Survey Shows 33% of Cardholders Increased Spending

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_elaa32/prgm.cgi
Title: Top 5 Merchant Payments Trends to Watch for in 2023

Search URL Search Domain Scan URL

URL: https://cutimes.tradepub.com/free/w_defa3402/prgm.cgi
Title: Think Beyond Credit Score: How Credit Unions Can Grow and Engage Members

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/default.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/

Search URL Search Domain Scan URL

URL: https://store.law.com/registration/login.aspx?promoCode=CUT:LIMITED&source=https://www.cutimes.com/
Title: Sign In Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://linkmktg.cutimes.com/ HTTP 302
http://cutimes.com/ HTTP 301
https://www.cutimes.com/ HTTP 302
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432 HTTP 302
https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=2c5c9656-81af-4665-bbd0-e1b158ff481d&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20240008113432&debug=lawDomainIPWithRefRedirectAnon HTTP 302
https://www.cutimes.com/?slreturn=20240008113432 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 83

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1704731678369 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1704731678369

Request Chain 92

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D576758%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20240008113432 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%253D576758%2526tzOffset%253D-60%2526url%253Dhttps%25253A%25252F%25252Fwww.cutimes.com%25252F%25253Fslreturn%25253D20240008113432 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=829836357413403589&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=576758&tzOffset=-60&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432

Request Chain 135

https://cm.everesttech.net/cm/dd?d_uuid=08219036741481454810063309085684041017 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZwkHwAAAJFWvwNx

Request Chain 141

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1704731678903%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%253Fslreturn%253D20240008113432%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true&liSync=true&e_ipv6=AQJoDfGqaKek3AAAAYzp7R3N3XzVuL9Jr-CV4kXoYXwxWmoYjJtMPWLOz2Eh9hgyhWgQst8ruTPQ

Request Chain 160

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432 HTTP 302
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432

Request Chain 178

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432 HTTP 302
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=829836357413403589&pixelIndex=0 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=829836357413403589&pixelIndex=0&google_gid=CAESELxTCMLj8ei0H0ofxBhQlao&google_cver=1

Request Chain 319

https://gum.criteo.com/sid/json?origin=publishertag&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=MR8pbnxCR3JKb3pwbnZ3aGFKaHNmbm9lNXorbkYxRGxBY2pyZTVOL0lLTUMyU0U3MHYxQStCRjV2a290dys2dHhLQWNjbUh5bGQreTBBQnJBY1N5djhDTVYwbUw1WEYyQWxVcnkwYzcxZTVSTmtaSjMzR3JYS3pIaGZXU2NwR0hROFM3RmVwbmV2cWcrR2tlbDdTd09jbGRGWGdNRGw4bytTVXlqc1JCMUpYbnlUT1FMN1JRNXZGM0Y5aDdGY1ZiVGllbUs1R0lEVm5jREJZSEdpSjhjQ0tXRlJERVdaSkVTYTlWdENuS3A1V0RuZlB5WCt0bVBDRElZbmRSRmVoWDZOZ2N6a3lwTWlZYUFkemdlUVROOVgvVzIrTFlXRkh5dzhhQjcraENSU203cUpyRT18&cppv=2

Request Chain 349

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=cdc27ede-7a2a-43d2-84e3-6520bc8f9306&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 356

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dec5098c-cca1-4483-69b7-dae58bda9e24&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=08219036741481454810063309085684041017&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 359

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7321766822678821012&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 360

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=dec5098c-cca1-4483-69b7-dae58bda9e24 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dec5098c-cca1-4483-69b7-dae58bda9e24

Request Chain 361

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361&bounce=1&random=1630136894 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=VBhRHXGHXJMS5OWnXWIk0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 363

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dec5098c-cca1-4483-69b7-dae58bda9e24?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 364

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-N7F5gHtE2opfIl2uInQg3kh4PtocpO4E9Q--~A&zpartnerid=570&env=mWeb

Request Chain 365

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=UCbPtDdKYrU0c1NfnLgbqiyqOf9KXs51%2BS41iYitP1U%3D

Request Chain 369

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZZwkHwAAAJFWvwNx&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 370

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 371

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361&dcc=t

Request Chain 373

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Request Chain 374

https://pixel.rubiconproject.com/token?pid=41544&puid=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LR55866A-Z-G7CY&env=mWeb&zpartnerid=1770&gdpr=1

Request Chain 377

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=1sXVANLE3lDNxY0B0cTBV4PD2ALNwdgF0JYDGi_g&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

384 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cutimes.com/
Redirect Chain

http://linkmktg.cutimes.com/
http://cutimes.com/
https://www.cutimes.com/
https://store.law.com/Registration/Login.aspx?mode=silent&refDomain=store.cutimes.com&source=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
https://store.cutimes.com/Registration/Login.aspx?mode=token&ucid=2c5c9656-81af-4665-bbd0-e1b158ff481d&source=https%3a%2f%2fwww.cutimes.com%2f%3fslreturn%3d20240008113432&debug=lawDomainIPWithRefRe...
https://www.cutimes.com/?slreturn=20240008113432

95 KB
17 KB

198ms
198ms

Document
text/html

2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1c1dec900bf44a7268da45c5568be61839585224a45fe46d8178eb77d03ae2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
backend: templates_newlaw_director
cf-cache-status: DYNAMIC
cf-ray: 8425d953cae71c30-FRA
content-encoding: br
content-language: de-DE
content-type: text/html;charset=utf-8
date: Mon, 08 Jan 2024 16:34:36 GMT
server: cloudflare
vary: accept-encoding
x-cache: MISS
x-frame-options: SAMEORIGIN
x-vnode: 21

Redirect headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8425d95118891c30-FRA
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Mon, 08 Jan 2024 16:34:36 GMT
location: https://www.cutimes.com/?slreturn=20240008113432
referrer-policy: origin-when-cross-origin
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: Server #2
x-robots-tag: noindex, nofollow

GET
H2 200 rocket-loader.min.js Show response
www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 31ms
27ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8425d9552c8e1c30-FRA
expires: Wed, 10 Jan 2024 16:34:36 GMT

GET
H2 200 fa-icons-lib.min.css
www.cutimes.com/assets/build/css/ 4 KB
1 KB 440ms
437ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/build/css/fa-icons-lib.min.css

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: REVALIDATED
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"4085-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c7d1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 markets-lite.min.css
www.cutimes.com/assets/master-template/css/release/ 221 KB
32 KB 541ms
539ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/markets-lite.min.css?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8584f0da354b5ad22cb4f2b742f6d1df32f3f911792a6bb1baaf4be7498a965

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"226427-1704222302000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c821c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 bootstrap-master-template.min.css
www.cutimes.com/assets/master-template/css/release/ 105 KB
18 KB 44ms
42ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/release/bootstrap-master-template.min.css

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: HIT
age: 2355
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"107730-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c851c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 falcon-ui.css
www.cutimes.com/assets/css/ 771 B
423 B 439ms
437ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/css/falcon-ui.css?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
ntcoent-length: 771
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"771-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c861c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 qkq4rhw.css
use.typekit.net/ 6 KB
1 KB 82ms
22ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.css?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3d21bcee8e4e8f2c909c58ca56aaef23cec66be18425e0aec59ca80dceed4055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 906

GET
H2 200 pagination.css
www.cutimes.com/assets/master-template/css/plc/ 4 KB
1011 B 449ms
447ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/plc/pagination.css?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff14e7090beb60dd4d22391b76fc95426ee3a6946e5197b2a9131310315f833

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"4295-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c871c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 omeda.css
www.cutimes.com/assets/master-template/css/market-css/ 2 KB
747 B 442ms
440ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/market-css/omeda.css?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7625b0eda49a7554cccfe266fbf8476055ac4bcfd1dcadfaeab461b0249e4238

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"2282-1704222302000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c8c1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 luminaries.css
www.cutimes.com/assets/master-template/css/market-css/ 7 KB
2 KB 439ms
438ms Stylesheet
text/css 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/css/market-css/luminaries.css?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77d7fbabd50ebc363306dd1c68bf685b831ac5cd7c189ed2a0b29f3d0b5a5c36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"7047-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d9552c8d1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 nav-icon-mini-burger-white.png
www.cutimes.com/assets/master-template/images/market-images/ 58 B
318 B 437ms
436ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-mini-burger-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2855
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-mini-burger-white.webp"
content-length: 58
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"2855-1704222302000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9552c8f1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 nav-icon-search-white.png
www.cutimes.com/assets/master-template/images/market-images/ 362 B
507 B 442ms
441ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-search-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3368
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-search-white.webp"
content-length: 362
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"3368-1704214316000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9552c901c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 social-fb-white.png
www.cutimes.com/assets/master-template/images/market-images/ 1 KB
1 KB 434ms
429ms Image
image/png 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-fb-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

083018544ecfdbe6462c83d2595a7253796352ca3df1d37bbe9cf674bee82fab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: EXPIRED
x-cache: MISS
backend: templates_newlaw_director
content-length: 1222
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"1222-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9556cc41c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 social-tw-white.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 435ms
429ms Image
image/png 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-tw-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b77b6ec808d5031798aa26307cf2a499dc9cbb8502dc9e2994e58aeb9e4e1a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: EXPIRED
x-cache: MISS
backend: templates_newlaw_director
content-length: 1583
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"1583-1704222302000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9556cc51c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 social-li-white.png
www.cutimes.com/assets/master-template/images/market-images/ 256 B
396 B 429ms
424ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/social-li-white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1413
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="social-li-white.webp"
content-length: 256
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"1413-1704214316000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9556cc81c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 nav-icon-sign-in.png
www.cutimes.com/assets/master-template/images/ 236 B
377 B 431ms
427ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/nav-icon-sign-in.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1322
x-cache: MISS
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in.webp"
content-length: 236
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"1322-1704214316000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9556cca1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 ALM_Credit_Union_Times_white.png
www.cutimes.com/assets/master-template/images/market-images/ 2 KB
2 KB 47ms
43ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/ALM_Credit_Union_Times_white.png

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 2356
cf-polished: origFmt=png, origSize=4365
x-cache: HIT 2
backend: templates_newlaw_director
content-disposition: inline; filename="ALM_Credit_Union_Times_white.webp"
content-length: 2078
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"4365-1704214316000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d9556ccb1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 HR-employees-team-gears-development-e1701298237506.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/11/ 43 KB
43 KB 464ms
443ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/11/HR-employees-team-gears-development-e1701298237506.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0148a69b678568e8f7a40af61066dc0f970f6da6e58024a4e599d9e25d7ec432

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=52753
x-cache: HIT 1
backend: contribsreimg_prod_director
content-disposition: inline; filename="HR-employees-team-gears-development-e1701298237506.webp"
content-length: 43540
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Nov 2023 22:50:37 GMT
server: cloudflare
etag: "af57c0-ce11-60b525d1de7d6"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9558ce71c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 decision-question-staircase-e1537447340954.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/09/ 17 KB
17 KB 443ms
423ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2018/09/decision-question-staircase-e1537447340954.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

148bbfcde30b31ca1b10db5991c22fcbc396c86d5102f425e0314d651f0375e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=30847
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="decision-question-staircase-e1537447340954.webp"
content-length: 17128
cf-bgj: imgq:85,h2pri
last-modified: Thu, 20 Sep 2018 12:42:20 GMT
server: cloudflare
etag: "536c50-787f-5764cda9debbc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9558ce81c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 Jason_Lee_in-action-e1701106011305.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/11/ 26 KB
27 KB 441ms
422ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/11/Jason_Lee_in-action-e1701106011305.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e27f9a7020696fd051c2d220e3c6c95021b4d3c484d7fe11395a300a2299f05a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=40478
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="Jason_Lee_in-action-e1701106011305.webp"
content-length: 27126
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Nov 2023 17:26:51 GMT
server: cloudflare
etag: "af530a-9e1e-60b259b87af08"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9558ce91c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 Melissa-Moffa-at-desk-e1698682378517.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/10/ 50 KB
50 KB 442ms
424ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/10/Melissa-Moffa-at-desk-e1698682378517.jpg

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed57dc5a5d963ca7a00a6d51fd9c9d2997f2288c451d31586040581c61b90853

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=58896
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="Melissa-Moffa-at-desk-e1698682378517.webp"
content-length: 51134
cf-bgj: imgq:85,h2pri
last-modified: Mon, 30 Oct 2023 16:12:58 GMT
server: cloudflare
etag: "aa48b2-e610-608f14fc06268"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9558ce41c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 owl.carousel.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 3 KB
1 KB 95ms
23ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.carousel.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id: 4963bb2bbf138352694fed3c4d1e86a484f8daa4
date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 4
age: 547
x-cache: HIT
x-proxy-cache: MISS
content-length: 1068
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: E32E:34C2C9:723F8A4:7425178:65961B6F
x-timer: S1704731677.090716,VS0,VE2
etag: W/"5ad9e9ac-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 04 Jan 2024 02:53:59 GMT

GET
H2 200 owl.theme.default.min.css
owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/ 1013 B
655 B 95ms
23ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://owlcarousel2.github.io/OwlCarousel2/assets/owlcarousel/assets/owl.theme.default.min.css
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id: eeab67a5e553168bc3007e3369bf1ab0c09ec349
date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 3
age: 73
x-cache: HIT
x-proxy-cache: HIT
content-length: 479
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Fri, 20 Apr 2018 13:22:52 GMT
server: GitHub.com
x-github-request-id: 8EA0:26A70F:1BE21D8:1C63E85:657A9131
x-timer: S1704731677.090688,VS0,VE2
etag: W/"5ad9e9ac-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 14 Dec 2023 05:26:11 GMT

GET
H2 200 moatheader.js
z.moatads.com/almheader466656885399/ 0
90 KB 94ms
25ms Other
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:35:25 GMT
server: AmazonS3
x-amz-request-id: VS8E0A9BG611BPKZ
etag: "3a1834f59b5325ceeba948f1ecd965b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44648
accept-ranges: bytes
content-length: 92096
x-amz-id-2: wl6yZ/58BI7yfwLA2Ram9Lb8PH9YOWm5jhopgL73aH9dI6xRyqvdhXWipZoHqnb89djHKOxpvKE=

GET
H2 200 qkq4rhw.css
use.typekit.net/ 0
1 KB 47ms
23ms Other
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qkq4rhw.css

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 906

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 187ms
34ms Stylesheet
text/css 2a02:26f0:7100::1720:ef1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qkq4rhw&ht=tk&f=139.169.175.5474.25136.14541.14546.14548&a=702529&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ef1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 CU_Times_Career_Center_Banner_ad_300x250.jpg
imageserver.amlaw.com/images/ 34 KB
34 KB 300ms
230ms Image
image/jpeg 2606:4700::6812:c5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/images/CU_Times_Career_Center_Banner_ad_300x250.jpg
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ffd206df712f0040df33bbe4b7370847881beaaf156dbf7a67a422152c9224ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-bgj: h2pri
last-modified: Wed, 17 May 2023 13:09:42 GMT
server: cloudflare
etag: "1b4547d8c088d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9591eaf4dc0-FRA
content-length: 34323
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 CUTimes-300x250px.jpg
imageserver.amlaw.com/images/ 35 KB
36 KB 109ms
39ms Image
image/jpeg 2606:4700::6812:c5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageserver.amlaw.com/images/CUTimes-300x250px.jpg
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 88270e4eb75a854c6d013630f78952e5662a30fdf804fe44241ecd9dcdb243a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 2355
x-powered-by: ASP.NET
content-length: 36042
cf-bgj: h2pri
last-modified: Tue, 28 Feb 2023 14:55:34 GMT
server: cloudflare
etag: "bc7222b6844bd91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9591eb34dc0-FRA
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 l
use.typekit.net/af/827015/000000000000000000011c3b/27/ 18 KB
18 KB 89ms
22ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "fa20d38ca87af1153085d9146b698f2bb93b7223"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18468

GET
H2 200 l
use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/ 33 KB
33 KB 133ms
65ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3eee8/00000000000000003b9b093c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "0373618e2db17cca6330e4b11556968310f08eb7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33856

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 124ms
57ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 107ms
40ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33660

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 32 KB
32 KB 114ms
46ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32384

GET
H2 200 l
use.typekit.net/af/2553b3/000000000000000000011c34/27/ 19 KB
19 KB 91ms
25ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "5cf72d8979177145b3e27e04c6afd6f60bee7a35"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19288

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 32 KB
33 KB 137ms
71ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "b7f32cce44884c0c7d09c7eaf8ec10d20386685b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33188

GET
H2 200 l
use.typekit.net/af/1ade3e/000000000000000000011c39/27/ 19 KB
19 KB 85ms
20ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1ade3e/000000000000000000011c39/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf

Request headers

Referer: https://use.typekit.net/qkq4rhw.css?2024-01-08-11
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
server: nginx
etag: "70dc2d1e85f8b46c0851a31b57494c0bdb743209"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19412

GET
H2 200 river-load-more-pg.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 4 KB
2 KB 160ms
137ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/river-load-more-pg.min.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"4031-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d95908461c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:37 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
15 KB 227ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3404207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15508
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9v3XsphY8w0h7EMNQ5wGwkJEMCh2x6kviV0Tgn9lbMO7N54ysXPGyEcnY6EHHUxa%2FAgSulXrVgfyJum5j5xUnp48qH5T2m3I0Z9u2QLEQF6U4rYu6IRdZwWioKXjXL6gmcDG%2F5sqKMNpMwA7hu8lysG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425d95a2d6d65af-FRA
expires: Sat, 28 Dec 2024 16:34:37 GMT

GET
H/1.1 200
OK TimeConversion.js Show response
store.law.com/registration/js/ 9 KB
2 KB 320ms
107ms Script
application/javascript 192.226.84.37
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/registration/js/TimeConversion.js?2024-01-08-11
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.84.37 Westwood, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #2
Resource Hash: 815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 16:30:16 GMT
Via: NS-CACHE-10.0: 56
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Jan 2024 22:00:41 GMT
Server: Microsoft-IIS/8.5
Age: 419
ETag: "808a4420c73dda1:0"
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800,public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1875

GET
H2 200 sponsorships.js Show response
www.cutimes.com/assets/multishared/js/ 1 KB
595 B 458ms
435ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/multishared/js/sponsorships.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"1454-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d95908471c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 jquery.history.js Show response
www.cutimes.com/assets/js/core/ 21 KB
7 KB 449ms
427ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/js/core/jquery.history.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"21571-1704222302000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d95908491c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ 18 KB
7 KB 230ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5237233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6463
last-modified: Fri, 28 Aug 2020 22:36:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f4986fd-48b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLJIgMSrnYTdfmRkTi5vWh1ExUZm6MhDnA5OybURj3NR1GhRcalDNK7L21n9oRT%2FZhdQZc94BZEim2xVBX%2B668E1M2ax6DLOTLjVjiWFLjUscDlk958UQuXQaWFtG6rrtntkWOH4QvUR1y3hQrIc7djt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425d95a2d6c65af-FRA
expires: Sat, 28 Dec 2024 16:34:37 GMT

GET
H2 200 jquery.touchSwipe.js Show response
www.cutimes.com/assets/js/core/ 66 KB
16 KB 548ms
526ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/js/core/jquery.touchSwipe.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"67916-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d959084a1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 tealium.js Show response
www.cutimes.com/assets/master-template/js/ 5 KB
1 KB 454ms
433ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/tealium.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc1ae951839c9630aad94142f6632c437aff325b6581fb0da2e32a1abd1db1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 1
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"4833-1704222302000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d959084b1c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H/1.1 200
OK overlayForm.js Show response
store.law.com/Registration/js/ 14 KB
4 KB 325ms
106ms Script
application/javascript 192.226.84.37
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://store.law.com/Registration/js/overlayForm.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.84.37 Westwood, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / Server #2
Resource Hash: 30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 16:30:18 GMT
Via: NS-CACHE-10.0: 56
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Jan 2024 22:00:41 GMT
Server: Microsoft-IIS/8.5
Age: 417
ETag: "808a4420c73dda1:0"
X-Powered-By: Server #2
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900,public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3647

GET
H2 200 common.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 53 KB
14 KB 455ms
434ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/common.min.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"54571-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d959084c1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 luminaries-rmr-tab.js Show response
www.cutimes.com/assets/master-template/js/sbm/ 3 KB
730 B 448ms
427ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/sbm/luminaries-rmr-tab.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1464e33b6ab1590344b0611e1cceb0b144a2f53333b81b3000dc019c69f0c8c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"2698-1704222302000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d959084d1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 omeda.js Show response
www.cutimes.com/assets/master-template/js/ 504 B
390 B 446ms
426ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/omeda.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ff2d68ce2d644201644869d71b53fece002f8e4e8b0c85a18a177ec53d1498

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"504-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d959084e1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 service-worker.js Show response
www.cutimes.com/assets/master-template/js/ 72 B
155 B 450ms
431ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/service-worker.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c617affb7d70ef25f7551268ba92294a4ed5ed55e46d7716996d3cc431497e9a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: HIT 2
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"72-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d959084f1c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 olytics_dfp.js Show response
www.cutimes.com/assets/master-template/js/ 6 KB
2 KB 464ms
445ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242f7a4cf3f1ca8be2a2fc2f5c2bdc24c51ac07076718f07763b20a1f7d0931c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"5676-1704214316000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d95908501c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET lazyloadXT.min.js
www.cutimes.com/assets/master-template/js/release/ 0
0

GET
H2 200 moatheader.js Show response
z.moatads.com/almheader466656885399/ 259 KB
90 KB 38ms
20ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/almheader466656885399/moatheader.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: afd4be5a76e3b5d263c387030e42bf12e1fff408298be4d2443b5549b553a7d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 07:35:25 GMT
server: AmazonS3
x-amz-request-id: VS8E0A9BG611BPKZ
etag: "3a1834f59b5325ceeba948f1ecd965b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44648
accept-ranges: bytes
content-length: 92096
x-amz-id-2: wl6yZ/58BI7yfwLA2Ram9Lb8PH9YOWm5jhopgL73aH9dI6xRyqvdhXWipZoHqnb89djHKOxpvKE=

GET
H2 200 hbyb.js Show response
cdn.yourbow.com/alm/cutimes/ 410 KB
411 KB 218ms
25ms Script
text/javascript 35.244.141.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.141.151 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.141.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eee956e4839cd30b305799f1ef77d3f52c0e9a7c614e05bc6a1b1c081419fe57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:35:51 GMT
age: 3526
x-guploader-uploadid: ABPtcPr0Fe1eNlbrVwAeSquBr1ZCC1G_cE4e_fxODHQ10YhDzKhmPv3R48-5tpPeRfCiEX_qxg7Zxl8D1A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 420219
last-modified: Mon, 06 Nov 2023 19:36:59 GMT
server: UploadServer
etag: "b6a308ee1fb4c1163d2f5c6bb49b2ea3"
x-goog-generation: 1699299419606260
x-goog-hash: crc32c=xLo8Gg==, md5=tqMI7h+0wRY9L1xrtJsuow==
content-type: text/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 420219
accept-ranges: bytes

GET
H2 200 bombora-rtvi.js Show response
www.cutimes.com/assets/master-template/js/ 1001 B
660 B 468ms
451ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2024-01-08-11

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: MISS
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"1001-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d95928701c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/ 11 KB
4 KB 223ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.1/jquery-migrate.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 245314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3592
last-modified: Thu, 25 Jun 2020 01:22:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ef3fc71-2b0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lk3DTZx6JZL%2FgFcZ9SLspfPtZAm4ifZ7hOT4smjNKa4AEL8yoml7MHohmoNgKUxPdl%2FptJd8VRuSJtLWupILJ2%2FBOATR8GRwvjZ2CDlimWCsd5QdKMLubAtfeOqlHUnkXbPZkVGpU6EFn5fs4u2VwVGl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425d95a2d6865af-FRA
expires: Sat, 28 Dec 2024 16:34:37 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 219ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5152722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n93bcZZaEv9DQ2XG1g5zN6bCy4DghoNWPkpU4jmezzyTXibvoGVuzB3oLlSY9wzl1zku7Hhj0YRj56oX0A5x%2B0frML%2BXd5T7x6M7DSTo5O7SaQxktmgMtrNHoU5nbvI%2FNxsDjDdoFcxzKJqhcKaesQXv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8425d95a2d6b65af-FRA
expires: Sat, 28 Dec 2024 16:34:37 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 212ms
21ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 13:02:14 GMT

GET
H2 200 css Show response
fonts.googleapis.com/ 6 KB
2 KB 88ms
33ms Fetch
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 16:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 14:46:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 16:34:37 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 641 B
718 B 233ms
66ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YHLM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Lw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pcode=almheader466656885399&rx=838725961263&callback=MoatNadoAllJsonpRequest_78333391
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ce33283fc82034e91afe55a3b5c0d3b805c954ef5698cb941004b265e6a9bd8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
server: istio-envoy
etag: "9e80419f3baad58e3a75ca9f618e61d6d18b2a95"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 16
timing-allow-origin: *
content-length: 641

GET
H2 200 n.js Show response
mb.moatads.com/ 85 B
262 B 207ms
51ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YHLM1%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Lw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ALM_HEADER1&hp=1&wf=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1704731677849&de=174526975550&rx=838725961263&m=0&ar=cc84ca2002d-clean&iw=1608050&q=1&cb=0&cu=1704731677849&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatDomain=undefined&zMoatSubdomain=undefined&dfp=true&la=undefined&gw=almheader466656885399&fd=1&it=500&ti=0&ih=2&pe=1%3A2587%3A2587%3A2835%3A2572&fs=206701&na=445493087&cs=0&callback=MoatDataJsonpRequest_78333391
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: f69d645eff4e59a43a4c82f98cbdbbff97380c3fd99fb7a32279bebea6f3bbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
server: istio-envoy
etag: "caddc4001da4fb2df01d5589adc52b80f5e494e0"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 9
timing-allow-origin: *
content-length: 85

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame D18D 1 KB
2 KB 30ms
21ms Document
text/html 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/almheader466656885399/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3014
content-length: 1374
content-type: text/html
date: Mon, 08 Jan 2024 16:34:37 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
unused62: 8096267
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 163ms
33ms Script
application/javascript 13.249.8.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.8.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-8-8.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:59:09 GMT
content-encoding: gzip
via: 1.1 7f6daa45933d04d067f0c47d0d31fef8.cloudfront.net (CloudFront), 1.1 ade5b31bd02630f0b5fc77309a9d7038.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: MAN50-C2, CDG53-C1
age: 2130
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Rsz63aWqp4OnLTkS61Kb53mvPlt6qLNs2AUvoj7ue_9lCS7ETrc0oA==

GET
H2 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 247 KB
69 KB 113ms
35ms Script
application/javascript 2600:9000:20c3:5200:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/olytics_dfp.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:5200:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9476829b95e258d910312ec7f2f30b425355061a2110d1e8f094b1c3a0587705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 12162
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:20:46 GMT
server: Apache
etag: W/"252633-1701440446000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: 5pR3zKWewU5sSwKDy0Xs1jrcwjt2tiWgLsJYzzbGewg_XDXA3neJfA==
expires: Fri, 05 Jan 2024 19:11:54 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 128 KB
35 KB 115ms
40ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c527b47539761841571efc2b5d04fb578c0d59353812b420fe5d0c9f1a786251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ZQlVQU85HYOojny2g8fEUsJHRWzDAg37
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:30:08 GMT
last-modified: Sat, 23 Dec 2023 00:46:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 277
x-amz-server-side-encryption: AES256
etag: W/"19c7371fb161e1691257aaacc1b8765f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 5wPJGEKcE0k7fZNuQmPFesk90gTrKYsAWTAZoxJtJh24f1hXvXqkpw==

GET
H2 200 smart_cutimes.epl Show response
www.dianomi.com/ Frame 5E0D 630 B
360 B 274ms
160ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1731a67991a84fb387adaf4dfc6176dea8f2594bafaff47c9f0fdead2026c75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8425d95c9f415902-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 16:34:38 GMT
expires: now
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 smart_cutimes.epl Show response
www.dianomi.com/ Frame 628B 630 B
570 B 263ms
150ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68e0d78fab6d730ebc837900912f3df5db528829b3c082eddc18cf94e6feb154

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8425d95c9f3a5902-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 16:34:38 GMT
expires: now
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js Show response
s.dpmsrv.com/ 361 KB
30 KB 144ms
39ms Script
application/x-javascript 108.138.36.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_ff1eb8bd6cb17940ab78c0eeecf66268772f2061.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-90.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92328f99c7b0e8408bae1caabf1db6258afb28ddee4847581a07bf36fd74cd58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 19:58:00 GMT
Content-Encoding: gzip
Via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 Jan 2024 19:30:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 74199
x-amz-server-side-encryption: AES256
ETag: "795955b9932c520f1538ac32cb72892d"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30126
X-Amz-Cf-Id: C0wChGYBdRU39U5SrFpRBdDWLxxEnal9h4hxQZmvZNdXCITl98qIdQ==

GET
H2 200 get Show response
vi.ml314.com/ 916 B
765 B 158ms
58ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=80951&tk=GfRuA1kFT83xUQHkDF2f342bL3qo62byam2QEUWYmUPbh03d&fp=

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/bombora-rtvi.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

75eb7f1fc9528aecd566f5317871cbc67105e80bd95aa0ffa693f8f7edc5ed24

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Mon, 08 Jan 2024 16:34:38 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 lazyloadXT.min.js Show response
www.cutimes.com/assets/master-template/js/release/ 3 KB
2 KB 65ms
42ms Script
application/javascript 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Requested by

Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: HIT
age: 0
x-cache: MISS
backend: templates_newlaw_director
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
server: cloudflare
etag: W/"2937-1704222302000"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8425d95c2aca1c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2

200

main.js Show response
www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame D78D
Redirect Chain

https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

26ms
26ms

Script
application/javascript

2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Protocol

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e5275f6ca7c4a4f1d537188a0b31c722d7e4c59500fdf888f85791d39ccf66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8425d95d4be81c30-FRA

Redirect headers

location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 8425d95c9b481c30-FRA
vary: accept-encoding

GET
H3 200 css
fonts.googleapis.com/ 16 KB
2 KB 85ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:16:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 16:34:38 GMT

GET
H2 200 all.json Show response
www.cutimes.com//paging/content/ 100 KB
17 KB 172ms
171ms XHR
application/json 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cutimes.com//paging/content/all.json?id=33&limit=100&start=20

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a82bee07313431bd21f21b7335057d06023d6562435ec23d35496349a833fd9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/?slreturn=20240008113432
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-encoding: br
cf-cache-status: DYNAMIC
age: 158
x-cache: MISS
backend: templates_newlaw_director
server: cloudflare
etag: W/"KXPGOFLFNCPXZYWXY"
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400,public
access-control-allow-credentials: true
cf-ray: 8425d95d0bb41c30-FRA
x-vnode: 21

GET
H2 200 db83f9c6-a698-4a6a-89fb-c29c85426748 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
830 B 104ms
30ms Script
application/javascript 18.238.243.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-122.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: c86a010e1e191393c0badd56c6be1327bcb8bc6e672c7cf711dd70b884207cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:59:02 GMT
via: 1.1 1d10719558a2481e0d462e12964f647a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 2136
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 3K5sQH-ZUexaxdGmWhWI3L1C3NUOwWCoO417gbfasmFNk-a_kcuB8g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 126ms
125ms XHR
application/json 13.249.8.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cutimes.com&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.8.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-8-8.cdg53.r.cloudfront.net
Software: Server /
Resource Hash: 07da39edbe1f34550cc00d116e356078efcfdee3dbe6d73148f83f8d69b75aca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:37 GMT
via: 1.1 ade5b31bd02630f0b5fc77309a9d7038.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1864
x-amz-cf-id: WVP_7Fu_GvYhYo5b9SiL4kQnflL44ONoF7mRkCXqhaXNrWTQhTASCg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 123ms
52ms XHR
application/javascript 13.249.8.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.8.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-8-8.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 29f91c1e9be6cbd10add7ba15aee7660.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 20:20:29 GMT
x-amz-cf-pop: CDG53-C1
age: 72850
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bUOHqqELnJde0PEQPsF0uoliaAT-LbOYwGYe4l8q4fpskcbHanS5pA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK / Show response
geoip.alm.com/json/ 184 B
449 B 343ms
113ms XHR
application/json 192.226.84.37
METTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.alm.com/json/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.226.84.37 Westwood, United States, ASN16524 (METTEL, US),
Reverse DNS
Software: /
Resource Hash: 8fd0c532809d8aeb3757907010e3863269341e0bbfd3bc79c3c07e0f3a5d2a80

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.cutimes.com
Date: Mon, 08 Jan 2024 16:34:38 GMT
Access-Control-Allow-Credentials: true
X-Database-Date: Sat, 06 Jan 2024 09:05:02 GMT
Content-Length: 184
Vary: Origin
Content-Type: application/json

GET
H2 200 merger-and-acquisitions-e1704488299977.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2024/01/ 34 KB
34 KB 427ms
424ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2024/01/merger-and-acquisitions-e1704488299977.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae6a15125a8ff43b1f6770419611a808d83b88188a034342c7accb97ca0468

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=48480
x-cache: HIT 4
backend: contribsreimg_prod_director
content-disposition: inline; filename="merger-and-acquisitions-e1704488299977.webp"
content-length: 34672
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Jan 2024 20:58:19 GMT
server: cloudflare
etag: "b24dd0-bd60-60e391b9c4318"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d95d8c081c30-FRA
x-vnode: 27
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 fraud-investigation-e1519332756632.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2018/02/ 60 KB
60 KB 457ms
455ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2018/02/fraud-investigation-e1519332756632.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f5b95b14ae02098484c3fb428a99aca283db551516999cc9603f4d3712198e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=72020
x-cache: HIT 2
backend: contribsreimg_prod_director
content-disposition: inline; filename="fraud-investigation-e1519332756632.webp"
content-length: 61348
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Feb 2018 20:52:36 GMT
server: cloudflare
etag: "43ac8b-11954-565d3393f7717"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d95d8c091c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 John-Huesing-e1704477172955.png
images.cutimes.com/contrib/content/uploads/sites/413/2024/01/ 213 KB
213 KB 433ms
431ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2024/01/John-Huesing-e1704477172955.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450b1a3596e6251ffcaad5a830fa369181338aff49f037a835deab2e72dc4a0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=341176
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="John-Huesing-e1704477172955.webp"
content-length: 218146
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Jan 2024 17:52:52 GMT
server: cloudflare
etag: "b24d17-534b8-60e36846303af"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d95d8c0a1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 Tesla-electric-vehicle-charging-e1650391746709.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2022/04/ 12 KB
12 KB 463ms
462ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2022/04/Tesla-electric-vehicle-charging-e1650391746709.jpeg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e27caf5ef7575e44624276c4533ec16f31258d6baf6b33cc8a16fcc2fda5b4f4

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11924
last-modified: Fri, 23 Jun 2023 23:31:23 GMT
server: cloudflare
etag: "50aabc-2e94-5fed466248297"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d95d8c0b1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 Make-A-Wish-UT-e1704397521892.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2024/01/ 18 KB
19 KB 425ms
425ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2024/01/Make-A-Wish-UT-e1704397521892.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26826aeb967b9e8670b198b37c1a738ea7eb4e4b879b50ca415a17565bba90e8

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origSize=19352, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 17948
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Jan 2024 19:06:37 GMT
server: cloudflare
etag: "b24d2f-4b98-60e378c1e4215"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d95d8c0d1c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 tcfredirector.js Show response
www.dianomi.com/js/contextfeed/ Frame 628B 51 KB
15 KB 46ms
46ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/tcfredirector.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d9b5b76e67f731f38a28f50ab51262d00b0a8660486df26fb8d4571d1cbd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 47
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 14:33:05 GMT
server: cloudflare
etag: W/"cb99-60b374bf4c070"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 8425d95da9d15902-TXL
expires: Mon, 08 Jan 2024 16:36:38 GMT

GET
H2 200 utag.119.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 11 KB
4 KB 37ms
21ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202310261821
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd6e44de106272c5bee56ffd6d663e6203123927dbe94fd1fda54434fd60971d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 47F.o6ehtvp2Q72TPjugBFYqulQYiTjU
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:32:49 GMT
last-modified: Sat, 23 Dec 2023 00:46:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 124
x-amz-server-side-encryption: AES256
etag: W/"23366c6e81282776a1979e3b37c42072"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: nNdRevA-gWINR1tXYW0QuODPL3xMewUjr4sNi3Bx9ANOVluCKEp00w==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1704731678369
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1704731678369

362 B
909 B

55ms
54ms

XHR
application/json

52.50.241.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1704731678369

Protocol

Server

52.50.241.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-241-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8603c52d16fbf21c3e3b9466552912acd0b96ab59e291ff83e6685939239e797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-085d062c2.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: RLZvVmdNRfo=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 305
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0c81d9436.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ltEAkAVCRCs=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=96C4370453295E4C0A490D44%40AdobeOrg&d_nsid=0&ts=1704731678369
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 167ms
87ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 383589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 197ms
118ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:10:26 GMT
x-content-type-options: nosniff
age: 383052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:10:26 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 101ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 383589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 147ms
68ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cutimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 383589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 569ms
128ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cutimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 08 Jan 2024 16:34:38 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 216ms
96ms Fetch
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51050
x-xss-protection: 0
server: cafe
etag: 921254054211125252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 16:34:38 GMT

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
359 B 144ms
143ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.165 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 08 Jan 2024 16:34:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 2f2e9272-ed8b-4468-966b-aa499b286c8c Show response
cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/ 25 B
346 B 705ms
149ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/o/2684a44738904b93bc7b108deb51245b/c/null/a/2f2e9272-ed8b-4468-966b-aa499b286c8c

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 16:34:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 25
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D1008%26pixelIndex%3D0%26r%3D576758%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fw...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D1008%2526pixelIndex%253D0%2526r%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=829836357413403589&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=576758&tzOffset=-60&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432

250 B
995 B

538ms
131ms

Script
text/javascript

52.44.115.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=829836357413403589&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=576758&tzOffset=-60&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Protocol: HTTP/1.1
Server: 52.44.115.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-115-142.compute-1.amazonaws.com
Software: /
Resource Hash: 6ff567a4561010cb11f15d24a238869e1a55a405c703c2441331220afd4dc39c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 219
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
an-x-request-uuid: f4e17e5c-60d3-4a71-8730-a7e683798d80
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://a.dpmsrv.com/dpmpxl/index.php?id=829836357413403589&zn=&sn=&q=xImp&v=1.x&cl=1008&pixelIndex=0&r=576758&tzOffset=-60&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tcfredirector.js Show response
www.dianomi.com/js/contextfeed/ Frame 5E0D 51 KB
15 KB 63ms
63ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/tcfredirector.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d9b5b76e67f731f38a28f50ab51262d00b0a8660486df26fb8d4571d1cbd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 47
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 14:33:05 GMT
server: cloudflare
etag: W/"cb99-60b374bf4c070"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 8425d95e7b915902-TXL
expires: Mon, 08 Jan 2024 16:36:38 GMT

GET
H2 200 utag.26.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 49ms
45ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202312141813
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6300593201861e0074ba84bdd2020b81fd995c806899aecd681137eea265b04b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: UmQ.Cers1F9709uN2RIt8U9Qw986bgHU
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:32:49 GMT
last-modified: Sat, 23 Dec 2023 00:46:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 123
x-amz-server-side-encryption: AES256
etag: W/"581d97e13e3538353ca9e59989ca679b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: WsrD5F7o1LznlVwpA98pCay_7FzBMlMe4TuY17aiQcMUz_twGadvcQ==

GET
H2 200 utag.131.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 85 KB
25 KB 49ms
45ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.131.js?utv=ut4.49.202312230044
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f95ab2dc37abf3779294a406533fcb6989b491c339e468c5e05a266b4fbd3e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: .p7PPQnn2H09hV1DE8qWr0FZ1bBNl1m6
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:32:49 GMT
last-modified: Sat, 23 Dec 2023 00:46:09 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 124
x-amz-server-side-encryption: AES256
etag: W/"9929ed3d995219dae842acb40a646c2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: DvQ1UrsiSeovtJPJqYFCEWlSDU1WCpgZEZjmhbUrs70v5gCs6vpLLg==

GET
H2 200 utag.91.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 4 KB
2 KB 49ms
45ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.91.js?utv=ut4.49.202208181401
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 026ab806d2c45a791ebeef1f27fde0f9cd190da121f930d4a5a29c869817a184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: aKjXl1o9K4XTz6ur9KOXR8J1rM6efHkX
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:33:49 GMT
last-modified: Sat, 23 Dec 2023 00:46:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 235
x-amz-server-side-encryption: AES256
etag: W/"b932e516d6afadaefd0cdeb1401cffbf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: YHz_WAf3r2Knvyz7DTKegw2h3j4DqtQatwMNJili_jVqp7Om81YcTg==

GET
H2 200 utag.110.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 14 KB
4 KB 52ms
48ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.110.js?utv=ut4.49.202212130031
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 342ec68ee8ddd49d88f0d876c922c32af48c8cbf38bfc91ca43a008dbacd07d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: mrV0C.A3cODMbr46THrzIhRxz7Vf8YSi
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:34:38 GMT
last-modified: Sat, 23 Dec 2023 00:46:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 235
x-amz-server-side-encryption: AES256
etag: W/"29e7cc50a605f3d7b0054e51ae677a99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: qUlMXIatrxQy9DGTCRdrh7PI5yhL7nkO1DyoVz1i23KtuoCQy4ShKQ==

GET
H2 200 utag.112.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
1 KB 49ms
46ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.112.js?utv=ut4.49.202208041434
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e2d5f107501e2c8704a37f1720bf2f80cc285f65afb91721a1386eba3a940d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: LSFPr_fCLpRcsgMyd_B.4FNr6OSGuaU3
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:32:49 GMT
last-modified: Sat, 23 Dec 2023 00:46:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 110
x-amz-server-side-encryption: AES256
etag: W/"5a5919507f17db33356c505794686112"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Yg_Qlaq41xongd8w6-zn_RKU7uayxeoef4AxXjOsyHdeg6OoZWJy0w==

GET
H2 200 utag.133.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 22 KB
7 KB 60ms
57ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.133.js?utv=ut4.49.202306261948
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58b98d31c5a3eb6974120711466f20510d1a748a27ed47fcd06455de0adafb9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ifQ9gPRFJhHO5ef3AG2a42BTu0rU9sAF
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:34:38 GMT
last-modified: Sat, 23 Dec 2023 00:46:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 197
x-amz-server-side-encryption: AES256
etag: W/"c3f55861b4b52ff9a47ffb41ddedbd2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 0uOtbrQ35B20Uwt4qJvghmnaP0lAF9I47GDUNiyfhfXc8xbkytO28Q==

GET
H2 200 utag.97.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 10 KB
3 KB 52ms
49ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aea6d2abb5e56a748a217c3a13dc91ebb9d4cb989739feb1d13eeeb11dc21cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: .ZwYbvz6x7QtCY6NFYiBVIiayAw8.pWn
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:34:38 GMT
last-modified: Sat, 23 Dec 2023 00:46:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 136
x-amz-server-side-encryption: AES256
etag: W/"ef9a56e2ab63f598534eaefffd5cd843"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: IH92SoE9d_VyJxIryf3ScqNP5z3RISSHwZ62rmcp4z6ldlCpqmJ4Vw==

GET
H2 200 utag.127.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 2 KB
2 KB 49ms
47ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.127.js?utv=ut4.49.202302070009
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce16cfcbaea661727dca218bd149e5b1d08fceb417f43c53b37676657ca25cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 57qOetCkseJqQ0Em6m8_P.q38ofUa3rf
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:33:04 GMT
last-modified: Sat, 23 Dec 2023 00:46:09 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 96
x-amz-server-side-encryption: AES256
etag: W/"1a47b7d486da9ac7473a6e28d057697a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: l_QgrPAvsOGhspOR86iFrvRbY_9l7lmArzd-bosQ55SIM9C3S9PQqQ==

GET
H2 200 utag.136.js Show response
tags.tiqcdn.com/utag/alm/main/prod/ 3 KB
2 KB 48ms
46ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.136.js?utv=ut4.49.202312141813
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d61a3b975aa256adb1cd5040f99c6d4aee90292fdff0fa1ce5f16b7a5b4475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: tt3lUe0YTsHRCOawkT6Pq_S_aKU6oR2q
content-encoding: br
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
date: Mon, 08 Jan 2024 16:32:09 GMT
last-modified: Sat, 23 Dec 2023 00:46:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 164
x-amz-server-side-encryption: AES256
etag: W/"37a9ce59372bdcb089f166b306e150a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: actsc11L7scHcSL8hqWpKdPjJOi-4zeZ2HRhvh59IBUKlx6jaggg6w==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 127ms
33ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 08 Jan 2024 16:49:38 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 120ms
34ms Script
text/javascript 18.239.18.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-12.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:52:46 GMT
content-encoding: gzip
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 52913
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: qPBjdw43B5E5adUyiibbg6vEOjiAkLHidCvS0oMtYCscsORnoU4cfg==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 125ms
32ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/?slreturn=20240008113432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Mon, 08 Jan 2024 16:49:38 GMT

GET
H2 200 nav-icon-sign-in-white.png
www.cutimes.com/assets/master-template/images/market-images/ 236 B
459 B 53ms
50ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/nav-icon-sign-in-white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 2355
cf-polished: origFmt=png, origSize=3131
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="nav-icon-sign-in-white.webp"
content-length: 236
last-modified: Tue, 02 Jan 2024 19:05:02 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"3131-1704222302000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d95ead261c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:38 GMT

GET
H2 200 arrow-open.png
www.cutimes.com/assets/master-template/images/market-images/ 134 B
342 B 52ms
49ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/market-images/arrow-open.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: HIT
age: 2355
cf-polished: origFmt=png, origSize=2986
x-cache: HIT 1
backend: templates_newlaw_director
content-disposition: inline; filename="arrow-open.webp"
content-length: 134
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"2986-1704214316000"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d95ead281c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:38 GMT

POST
H2 200 8425d953cae71c30 Show response
www.cutimes.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D78D 0
258 B 62ms
61ms XHR
text/plain 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cutimes.com/cdn-cgi/challenge-platform/h/g/jsd/r/8425d953cae71c30
Requested by: Host: www.cutimes.com
URL: https://www.cutimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: br
server: cloudflare
cf-ray: 8425d95fae821c30-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 CUNA-DC-Headquarters-e1695651453878.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/09/ 8 KB
8 KB 437ms
431ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/09/CUNA-DC-Headquarters-e1695651453878.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53816d4dc06adf9fe893bf0ad7858cdd7e39bd38920d8772e5bce8a760a67ad1

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
via: NS-CACHE-10.0: 56
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
cf-cache-status: MISS
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 7962
last-modified: Mon, 25 Sep 2023 18:02:53 GMT
server: cloudflare
etag: "aaaeee-1f1a-60632c4674c9a"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d95fdec61c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 Treasury_Building_Wash_ScarcellaALM_640x640-e1657716440264.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/07/ 14 KB
15 KB 446ms
428ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2022/07/Treasury_Building_Wash_ScarcellaALM_640x640-e1657716440264.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66a7dbc9a0ba12522d0ad41b15543262e5710e3a6c20d7a4ebe468550ca8963a

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=14720, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 14431
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 16:59:02 GMT
server: cloudflare
etag: "506fdc-3980-5feceeafc421e"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9605f2c1c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 CFO-chief-financial-officer-e1698076829971.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2023/10/ 9 KB
9 KB 437ms
427ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/10/CFO-chief-financial-officer-e1698076829971.jpeg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7baa0f26bce11fe296b34f43c99817e63db5edadd9db99bad9d01c51133ef24c

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=10546
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="CFO-chief-financial-officer-e1698076829971.webp"
content-length: 9202
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 14:04:20 GMT
server: cloudflare
etag: "aa4c3f-2932-60917bf6bb253"
vary: Accept
contrib-server: Server241
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9605f381c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 Pile-of-cash.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/02/ 17 KB
17 KB 427ms
425ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2022/02/Pile-of-cash.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d1d47e9784901423276fee7060fa65db32157267a5553dbb0898a2bfcab1c9c

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=17753, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 17162
cf-bgj: imgq:85,h2pri
last-modified: Sat, 24 Jun 2023 15:45:15 GMT
server: cloudflare
etag: "50ec4f-4559-5fee200ed8a19"
x-frame-options: SAMEORIGIN
contrib-server: Server241
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9607f5f1c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 Florida-e1703609465452.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/12/ 20 KB
20 KB 428ms
427ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/12/Florida-e1703609465452.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b022dd105c721adaa562f2d8dfdf0b8b7a4ef421d0612b9171386f26942d19ff

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=20751, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 20728
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 19:06:02 GMT
server: cloudflare
etag: "b0dddc-510f-60d969b527a44"
x-frame-options: SAMEORIGIN
contrib-server: Server241
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d960efc21c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 AdobeStock_330355245-e1667328738986.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/06/ 11 KB
11 KB 437ms
419ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2022/06/AdobeStock_330355245-e1667328738986.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c880dda18671605427b3feda9d6aab2821d4a9be9cc2d0dcfb0691588083bc

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origSize=12226, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11482
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 18:13:11 GMT
server: cloudflare
etag: "507d30-2fc2-5fecff4257a70"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9611ffb1c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 woman-walking-up-career-ladder-staircase-e1694018582381.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2023/09/ 2 KB
3 KB 426ms
421ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/09/woman-walking-up-career-ladder-staircase-e1694018582381.jpeg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d03fecbc0031b34e69716bd653c683881d140911ba1299f7b38205e51cd1771

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=3908
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="woman-walking-up-career-ladder-staircase-e1694018582381.webp"
content-length: 2264
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Sep 2023 14:07:09 GMT
server: cloudflare
etag: "aa7b3d-f44-6053e133d97d4"
vary: Accept
contrib-server: Server241
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d96299541c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 NCUA-Board-Room-Desk-e1655401750436.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2022/06/ 13 KB
14 KB 440ms
435ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2022/06/NCUA-Board-Room-Desk-e1655401750436.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e8277f7da94affabdb145949caee50c5224f052d8a4f3dceec04857293daf0

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origSize=14455, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 13671
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 17:03:23 GMT
server: cloudflare
etag: "50702b-3877-5fecefa88a084"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d96319d21c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 Courtney-Fulmer-e1703609104482.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/12/ 7 KB
7 KB 433ms
428ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/12/Courtney-Fulmer-e1703609104482.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ff1312191a61f1b6fe177f99358e2c9825e848c06d7054de5b18ecdba9a48b

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=7476
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="Courtney-Fulmer-e1703609104482.webp"
content-length: 6798
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 19:08:21 GMT
server: cloudflare
etag: "b0db6d-1d34-60d8285be819e"
vary: Accept
contrib-server: Server241
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d96319d51c30-FRA
x-vnode: 145
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 dividend231215_Kelly-Price_video_sent-e1703025387615.jpg
images.cutimes.com/contrib/content/uploads/sites/413/2023/12/ 10 KB
10 KB 450ms
447ms Image
image/webp 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2023/12/dividend231215_Kelly-Price_video_sent-e1703025387615.jpg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1145d0e2509ca7e780f5643d8b0039a1134bf2b69a06b0b14df2b8cdb6229dcd

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=11133
x-cache: MISS
backend: contribsreimg_prod_director
content-disposition: inline; filename="dividend231215_Kelly-Price_video_sent-e1703025387615.webp"
content-length: 10482
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Dec 2023 17:06:38 GMT
server: cloudflare
etag: "b0db10-2b7d-60d80d27baf9b"
vary: Accept
contrib-server: Server242
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d96329e21c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 menu-close-btn.png
www.cutimes.com/assets/master-template/images/ 3 KB
3 KB 446ms
442ms Image
image/png 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cutimes.com/assets/master-template/images/menu-close-btn.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30b311e412a9c417d2f590bb6df0767d4027bb82246ab38be83639e1cde87ac0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/?slreturn=20240008113432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
via: NS-CACHE-10.0: 56
cf-cache-status: EXPIRED
x-cache: MISS
backend: templates_newlaw_director
content-length: 3321
last-modified: Tue, 02 Jan 2024 16:51:56 GMT
server: cloudflare
etag: W/"3321-1704214316000"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d95ffee51c30-FRA
x-vnode: 21
expires: Mon, 08 Jan 2024 20:34:39 GMT

HEAD
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0 163ms
84ms Fetch
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29019
x-xss-protection: 0
server: cafe
etag: 27 / 19730 / m202401020101 / config-hash: 8985763986514116503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 16:34:38 GMT

GET
H2 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 31ms
31ms Stylesheet
text/css 2600:9000:20c3:5200:1e:5cef:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202310261821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:5200:1e:5cef:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 11:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 acc9aed747aea07d6138203ddfb2dcd8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 19401
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 01 Dec 2023 14:20:46 GMT
server: Apache
etag: W/"28820-1701440446000"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: C6RG4t3l426G9opVUuizF7ysvKmKAzAZpNpgCxFE3fMVfdSGuOChrg==
expires: Fri, 05 Jan 2024 11:11:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 161ms
83ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.119.js?utv=ut4.49.202310261821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cd4c40fc01d51572602f422faeaf4301c5b0d28c55d0fafdf82063d8c235de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: cafe
etag: 54 / 19730 / m202401020101 / config-hash: 8985763986514116503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 16:34:38 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 104ms
32ms Script
application/x-javascript 2600:9000:2646:1600:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.26.js?utv=ut4.49.202312141813
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 17:35:36 GMT
content-encoding: gzip
via: 1.1 b99111dfd026a3c99d0e66063beb0544.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 82742
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kwbcqn3YnSYtH-rSLj2SUmCS-AI9RS35f23_Fk1uQ_5vemeZsYXB2w==
expires: Mon, 08 Jan 2024 17:35:36 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 124ms
35ms Script
application/javascript 2a02:26f0:7100::1720:ef23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f0822081c33dc4a9cabd9255d574f89280925c4e1f833eefb49a966243014572

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 07 Jan 2024 16:03:13 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=75949
accept-ranges: bytes
content-length: 15605

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 109ms
23ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?80
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:41:16 GMT
via: 1.1 google
content-encoding: br
age: 3202
x-guploader-uploadid: ABPtcPpQJlDNIQCFx_0oBFrPfsuuPynF2iWp30wVVpijdSIpYQPFRjYM1bq8v2ePjYChpIUx4-uYWs1H5yDBXWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10218
last-modified: Mon, 18 Dec 2023 20:13:43 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-hash: crc32c=P2fgBQ==, md5=IwpC9BBrIFbFRmT73giztw==
x-goog-generation: 1702930423872068
content-language: en
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32241
accept-ranges: bytes
cache-id: FRA-fa985ced

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 128ms
44ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-826604080

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7085f3200afb1b9fd3d9057c9f133ae005a8f0aba778ec9104451784eb7bed11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73351
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jan 2024 16:34:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 96ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 16:34:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54372
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: drQkG6T50XtKH9PeP27hXc75pJXM8rNpPXdLJgHH4FvhRHXMJRnEFxQbbIgDTIw27NBpB2LDYziw4I0ajLhe5g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 102ms
24ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.97.js?utv=ut4.49.202211082312
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230116-FRA

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 382ms
126ms Script
application/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Mon, 11 Dec 2023 05:21:55 GMT
Server: PardotServer
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Wed, 07 Jan 2026 16:34:39 GMT

GET
H2 200 82c3d035-d327-4b2d-824f-4b1146fc1b96.js Show response
clientcdn.pushengage.com/core/ 11 KB
5 KB 369ms
316ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/82c3d035-d327-4b2d-824f-4b1146fc1b96.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: ced7967f6179918fa4b623b6bab81c485f23493a57a0ee3436da4b21aaf7e9c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 01/04/2024 02:01:43
cdn-pullzone: 1148540
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=432000
cdn-requestid: 3064b7d663a84e00d2d09dbb28a1f484
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 34ms
27ms Script
application/javascript 2600:9000:26db:ac00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=alm/main/202312230044&cb=1704731678765
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Mon, 08 Jan 2024 16:30:27 GMT
via: 1.1 559b66bb8d6baca9fa30f875c62de1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: IGmTXYHpHWTuDh7ZNNebJiy9B_krsPXhsXDRJU7zab6Bou2bcMznvw==

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 34ms
26ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Mon, 08 Jan 2024 16:49:38 GMT

GET
H2 200 dest5.html Show response
alm.demdex.net/ Frame 1176 7 KB
3 KB 51ms
50ms Document
text/html 52.50.241.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.50.241.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-241-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 08 Jan 2024 16:34:38 GMT
dcs: dcs-prod-irl1-2-v054-09f69f4ed.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 17:04:15 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: ivOZaY8HSRQ=

GET
H2 200 id Show response
b.law.com/ 48 B
456 B 134ms
33ms XHR
application/x-javascript 63.140.62.164
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://b.law.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&mid=03712930131070338651053859120817671033&ts=1704731678796

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/alm/main/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

73ff78acac1d7fe4ba3d62e850b971db40500a6aff982ae35ff66367cb68e547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZZwkHwAAAJFWvwNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=08219036741481454810063309085684041017
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZwkHwAAAJFWvwNx

42 B
717 B

49ms
49ms

Image
image/gif

52.50.241.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZwkHwAAAJFWvwNx

Protocol

Server

52.50.241.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-241-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-04cc94887.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: xPeMPwsOScg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZwkHwAAAJFWvwNx
Date: Mon, 08 Jan 2024 16:34:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 189ms
52ms XHR
application/json 54.246.43.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.43.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a946364fd8ae9060d0a8f5526726b265c43039bfaccebc65b9e9e106e52cab63

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache
x-server: 10.45.15.163
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 Auto-Dealership-with-cars-e1652211710602.jpeg
images.cutimes.com/contrib/content/uploads/sites/413/2022/05/ 11 KB
12 KB 155ms
153ms Image
image/jpeg 2606:4700::6812:3b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.cutimes.com/contrib/content/uploads/sites/413/2022/05/Auto-Dealership-with-cars-e1652211710602.jpeg?profile=river-small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:3b7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47f5833d3047d4d02398943ee979e02dbaac3746362d82d45d145c73b3054a38

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.gstatic.com https://maxcdn.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://browser.sentry-cdn.com/; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://code.jquery.com/ https://fonts.googleapis.com/;font-src 'self' data: https://fonts.googleapis.com/ https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: http://*.almcms.com https://*.almcms.com https://secure.gravatar.com/;connect-src 'self' https://sentry.io/; frame-src https://www.google.com https://*.benefitspro.com https://*.law.com https://*.cutimes.com https://*.propertycasualty360.com https://*.chinalawandpractice.com https://*.consultingmag.com https://*.lawjournalnewsletters.com https://*.thinkadvisor.com https://*.globest.com https://*.nuco.com https://*.treasuryandrisk.com; frame-ancestors 'self' https://*.law.com;
via: NS-CACHE-10.0: 56
cf-cache-status: REVALIDATED
cf-polished: origSize=12306, status=webp_bigger
x-cache: MISS
backend: contribsreimg_prod_director
content-length: 11657
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 16:31:11 GMT
server: cloudflare
etag: "506cdc-3012-5fece8763a04c"
x-frame-options: SAMEORIGIN
contrib-server: Server242
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8425d9639a331c30-FRA
x-vnode: 28
expires: Mon, 08 Jan 2024 20:34:39 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
463 B 213ms
38ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Mon, 08 Jan 2024 17:04:39 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 569ms
98ms Image
image/gif 3.233.0.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cutimes.com&p=%2F&u=D1V55wCX4NTkCYa--_&d=cutimes.com&g=46802&g0=%7C%7C&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8107&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&b=2834&t=ILYA4Kg-BxCblOx6VPRC-D6ne0d&V=143&i=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&tz=-60&sn=1&sv=Vv4cbBJQ2ePCFv5CKBRPgonCHiNm4&sr=external&sd=1&im=067b2ef3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.0.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-0-138.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 49ms
38ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=80951&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pv=1704731678896_ec17qyu09&bl=en-us&cb=726050&return=&ht=&d=&dc=&si=1704731678896_ec17qyu09&cid=&s=1600x1200&rp=&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D714530%26time%3D1704731678903%26url%3Dhttps%253A%252F%252Fwww.cutimes.com%252F%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true&liSync=true&e_ipv6=AQJoDfGqaKek3AAAAY...

0
265 B

254ms
192ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true&liSync=true&e_ipv6=AQJoDfGqaKek3AAAAYzp7R3N3XzVuL9Jr-CV4kXoYXwxWmoYjJtMPWLOz2Eh9hgyhWgQst8ruTPQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 26644FFC5F4D445AACC23941A084892F Ref B: FRAEDGE1517 Ref C: 2024-01-08T16:34:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOccY/6xyGIoq4BELJhA==

Redirect headers

date: Mon, 08 Jan 2024 16:34:40 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1AE4697EF0DC4C26B112C5285FC9994D Ref B: FRAEDGE1812 Ref C: 2024-01-08T16:34:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=714530&time=1704731678903&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&cookiesTest=true&liSync=true&e_ipv6=AQJoDfGqaKek3AAAAYzp7R3N3XzVuL9Jr-CV4kXoYXwxWmoYjJtMPWLOz2Eh9hgyhWgQst8ruTPQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOccY8SpCbQlhBNTDQdA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15068
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 07 Jan 2025 12:23:30 GMT

GET
H2 200 s57989529931234
b.law.com/b/ss/almcut,almglobal/1/JS-2.23.0/ 43 B
202 B 38ms
38ms Image
image/gif 63.140.62.164
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.law.com/b/ss/almcut,almglobal/1/JS-2.23.0/s57989529931234?AQB=1&ndh=1&pf=1&t=8%2F0%2F2024%2017%3A34%3A38%201%20-60&sdid=4DC46CBCA4059334-3DA3FDA41812DEC8&mid=03712930131070338651053859120817671033&aamlh=6&vmt=4D013A4B&vmf=alm.102.122.2o7.net&ce=iso-8859-1&ns=alm&cdp=2&pageName=cut%3Ahome&g=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&c.&getTimeParting=6.3&getPercentPageViewed=5.1&.c&cc=USD&server=cut&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v24=cut&c30=home&v30=D%3Dc30&v42=year%3D2024%20%7C%20month%3DJanuary%20%7C%20date%3D8%20%7C%20day%3DMonday%20%7C%20time%3D11%3A34%20AM&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=96C4370453295E4C0A490D44%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 16:34:38 GMT
server: jag
etag: 3660883403755520000-4617757522210327777
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 16:34:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/ 3 KB
2 KB 145ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/826604080/?random=1704731679016&cv=11&fst=1704731679016&bg=ffffff&guid=ON&async=1&gtm=45be4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&hn=www.googleadservices.com&frm=0&tiba=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&did=dYmQxMT&gdid=dYmQxMT&auid=486972397.1704731679&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-826604080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feae17006d741f4e11c0d2d0be1640c07f5a42223b0a9b45d7ce848bc91c54a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 31ms
30ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Mon, 08 Jan 2024 16:49:39 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 210ms
72ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=0&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: J3DQGCVV9MED3T0J2AEF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BWDz-73VlCICzn_sV1jdOrOavgCH7jB3uISgDWMozuoyXCaOJgmD3Q==

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 27 KB
8 KB 186ms
85ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: deb31207b2a29c4ae2bd8552b158a6cc268bb3d107ae3b3aebe62a6c67a7ff9b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 49
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 356 B
1 KB 54ms
28ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

27ac1b195c3b575502ad75853795ac19b35b3d1bc954ce671a487522bd1e69a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: c7975cde-1dc0-424f-ab0f-084de0286847
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 356
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
276 B 202ms
50ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b77f85037fd2bb095126796938e35096f20bf2d6a58de29b395b1897b4e17945

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 176ms
53ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=589064166&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 391 B
731 B 287ms
167ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=1808cf23f198aca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.5626214277185457
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f8ed6953ec9c551204649f088c2f5507722985431c7ea2085459889b44caf000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 391 B
731 B 227ms
107ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=19f68534e629f56&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.8723272452287447
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 395c5a2d7edfc2c9dfa29ca47edf85126a8474fabae277ffa67f51c2674962b2

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 391 B
905 B 202ms
86ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=2%2C55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=202393a1bbb3936&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.510376668533465
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4ec9adb7c80453db81348cb3bb7bff2f2f18217e136f313debbe1f75a2fc4002

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 391
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 165ms
58ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 360 B
1 KB 59ms
36ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

9bf3f970faf00a914f8631a2ec9e80a483c939e2a773827f15aea63606704541

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: a0a8036e-11cb-46de-a870-3993bf85c68f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 360
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 122ms
39ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 208ms
23ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 207ms
22ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 241ms
56ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x9...
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x2...

329 B
745 B

32ms
32ms

Fetch
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 6c61fbd68922a5b30e74e32eeb224b6e13686411a2901c25690f6832a33000ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 329
x-sid: AMS-929

Redirect headers

date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
location: /hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250%2C728x90%2C970x90%2B300x250_1%3A300x250%2C728x90%2C970x90%2B300x250_2%3A300x250%2C728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-929

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
129 B 155ms
59ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e84c39cbe1042f3492cf863fdd51802fd6a90d0c3755055f8fb2d35ba89d8403

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
210 B 138ms
40ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 328ms
36ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 351ms
45ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 344ms
51ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 140ms
75ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=1&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: W6YYM91FARZ24P6Y7QPF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Od_jWWs55sCcxfFBlXFPG1xdRHr6CqsIO6p-umQz5AFquXgEJdWzhg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 118ms
73ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=2&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: XJFZ72WB602SW9WPSV79
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: k3sGNy3IwJ7v5LEs0o-_G-O637n5lFWYUnwX4Gji2n7L3VqsSR8rEw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 107ms
74ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=3&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 66FWREAFR2KYW2S76TE8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: sND2oJcG0SuVxve4b_M5LxJmku6Gwymn5QSkQ3K5jvWl8LqwPCPEHQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 95ms
75ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=4&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-middle2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: D63VBEJ8SNHX9GC8MW1F
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9jzpmnHKOk_3mKGOdeUoAHSIz2BnZy1xvCE-XXz4pXKUeZ5biML1xg==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 369 B
710 B 129ms
93ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=17277adb7c2464ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.6706667227567527
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dbff16c4460e1ff33e8dc9dd67e89475ed5dd58e3ec5cab0b42773359b43654d

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 369
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
249 B 73ms
43ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1cee866706a66953962aa8c82e1b6cb73b3830ab3cb4ece273000798f521e425

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 87ms
53ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=55327220541&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 25 B
278 B 112ms
49ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a34dbb29906ad91e13a53e8d79260d6793cc29bcbf6056c325a55e2284a30170

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
412 B 47ms
38ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 140 B
986 B 52ms
44ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a256f15a7dea4d79fedd7aaf3b20b45ee12fae7d2ea938f602e514d9ad010a59

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: 8563a243-dae2-4926-a347-95d0cb8fa774
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 140
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
355 B 72ms
39ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 14 KB
6 KB 123ms
116ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 056b02a16bad80d9499ea097b5dd865bb3eb8e1a0475ac6d7c106dd1ebd05204

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 84
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=F&c...
https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&nc...

293 B
615 B

78ms
16ms

Fetch
application/json

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 7af574c88fca5bc6f3a13236dbd90386f1da38f52355f02ba22093f43e85c209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 293
x-sid: AMS-929

Redirect headers

date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
location: /hb/1/5fc14/1/www.cutimes.com/ROS?ct=1&r=pbjs&rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-929

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 69ms
43ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 265ms
39ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 135ms
26ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 140 B
985 B 47ms
43ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

50a3d617c800f4ea10c12683b104546b34d3013627d547d327d1c01a2d838ca2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: d2ce24ff-ccd7-461d-85ca-cc8e43ecc05c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 140
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 83ms
76ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=5&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-footer%22%2C%22s%22%3A%5B%22970x90%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: D9D4Z7ACE2WZ7D1P3M9P
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TDSnX8wkZBkGL6_z008m-mGyBTthEHhOfW8x5O3Ig0uTepBwvruk7Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 67ms
66ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=6&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-top2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 6BSBYXZYQP7CJ3EWFTCF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Fgmqvj3ta-1UWB0D1SsYJdLxOd2cr3RQF27EDoDeA6yjyUYzMjrebA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 66ms
65ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pid=gDDFg2X3zEVpJ&cb=7&ws=1600x1200&v=23.1211.1645&t=900&slots=%5B%7B%22sd%22%3A%22gpt-super_hero%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21665826759%2Fcutimes%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!yourbow.com%2C77%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: BH5YRCZE6JQWWW291ZCF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: r-V6h5pINeU-a4T4CwaMyGU90p0tjH6QUJp0WX6o8lkHxtd8SX60cQ==

GET
H2 200 2429680573784973 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 155ms
151ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2429680573784973?v=2.9.139&r=stable&domain=www.cutimes.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cf016dc693febdcdaac28d5a3da4d140d363da3ec03ba2f738888c23a9d8850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jan 2024 16:34:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: prOydpjxowPREpP5WR+ZzMDYCYvZRtKo8V2T3oevGro52pup5shc5/GHjcRy2SAMdhOtKRSsHcUcEEGGLHvUMQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 719 B
403 B 69ms
65ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2036939246899819&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1090x95&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679529&lmt=1704731679&adxs=255&adys=603&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=1600x8164&msz=1600x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Des_pushdown&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=1765705131&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dc72ecdd80023570b3e8f96f8ce1a40c3ad2725e4307d70fd1a39993aa896c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 372
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
70ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22976efc2bda885cbee56a2c1c1f90a6d8a44fe00bedd1ff30b4ae61ebf5852d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12248
x-xss-protection: 0

GET
H2 200 container.html Show response
e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4B1 6 KB
3 KB 185ms
34ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 16:34:39 GMT
expires: Tue, 07 Jan 2025 16:34:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
298 B 70ms
70ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2375759557745274&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679554&lmt=1704731679&adxs=1090&adys=1082&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dnative_collection&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=2165878380&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294fddfdcdcd9d7558d4b0867a254c9888d85d7dcd7a8ed4074fa8c23c8b25df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 548 B
301 B 66ms
65ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=3833103723747239&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x400&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679562&lmt=1704731679&adxs=1090&adys=673&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Des_rr_module&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=2514953727&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a555b228435a6d2443138ba58bc5cfc3545dd7ad14080ebb306cd03b7cdf4cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
299 B 98ms
98ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=4313259125726624&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679567&lmt=1704731679&adxs=210&adys=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=840x2676&msz=840x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dnative_single2&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=471766605&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e369df73c75ba151a635e449e2678ecd85af59ef27f213faeebf348c9248d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
300 B 99ms
98ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2079410039484835&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679572&lmt=1704731679&adxs=210&adys=832&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=840x2676&msz=840x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dnative_single1&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=3206233613&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e14fd972db512adf70225340ba5ed2d6864edc21a0633ee78d1bc6cd12c0acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
303 B 95ms
95ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2895050791603930&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679589&lmt=1704731679&adxs=260&adys=603&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=1600x8164&msz=1080x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Des_logo_pushdown&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=1526046369&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3699a843f8ef955b6fbcbf2da258ad810143e5e90c1dc01c086bde121caa17ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
299 B 90ms
90ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=3523212663622216&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679595&lmt=1704731679&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=1600x8164&msz=1600x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dinterstitial&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=287067654&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd3a2f04ef5e7c87f9ca29f5d18064c6d906dd185baa6e0cd0f354f836fdf5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
300 B 90ms
90ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=3892516311401710&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x31&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704731679599&lmt=1704731679&adxs=1090&adys=673&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Des_logo_rr&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=2842684632&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4408cc56f4b6c43a6854f2f316b19131efd83eec33de59129659a5e7765ec221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
378 B 365ms
213ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6b2689bb-2b7d-4fb7-aa28-1052f3d475f6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=44934f08-6800-420b-a05b-bc14c80d0eba&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 187
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fd6e2f9f0cc53837
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: bdb4d258b9d2fb344c2c95fac1a1bb17be18c4307a451507097c9beb40f002d1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 357ms
205ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6b2689bb-2b7d-4fb7-aa28-1052f3d475f6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=44934f08-6800-420b-a05b-bc14c80d0eba&tw_document_href=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2j8b&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 182
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6530e7792a269e32
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: d168e6cc033a5b107b48b6d356f9de98bcd83cf69aeb9d08f7241d574d1084d1
content-length: 43

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 87ms
21ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 388 B
422 B 193ms
127ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=58597b804f96358&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.4091618914821078
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e130f984c95a569ca4090c47703fa69d9bf937b6f6b8d76385f3a9d69e5145ab

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 388
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 388 B
422 B 146ms
81ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=5990bde7bdf5ce6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.9310629621948683
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 79b6112fb9d042f582bd7d1d50b3d7ed64659443d4401400e76173d1e2d8cd4e

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 388
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 321 B
642 B 80ms
16ms Fetch
application/json 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b3799c9e898b6106437b433ed07a0109b9f479914877b8e42f14563e4a72ace6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 321
x-sid: AMS-929

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 90ms
26ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=50045383300&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 81ms
47ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
565 B 80ms
46ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 249 B
1 KB 92ms
16ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

8852ee9b44863433a8b64a10a643b00c3afa79e23b0310e6590abfaf5a1a3140

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: 8d8f3977-1839-4198-8467-766c93e6274f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 249
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 14 KB
6 KB 161ms
85ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 8f3830f4596869a0e97bcd35acf79ff9e2e0200c52af178af27138d0c2bd21e7

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 76
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 25 B
277 B 96ms
21ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 41c3ac78162c93e041c43dcebf3ab8b002eb1a13731d409d8e3976bbdcf89ce9

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 77ms
0ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 78ms
0ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 80ms
1ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
213 B 140ms
61ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 65
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
129 B 80ms
0ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 256e70dabf1be873771c11175891903a1431b2f03e2862b833806be3272edd05

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 248 B
1 KB 82ms
13ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

eaf79f6862bda2b84de6ed8c6ce36800e049b949b0f446a6ed18b0d70f2ed726

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: ec0fa0f1-5330-4d74-8f53-273ecf969de5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 248
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
129 B 74ms
0ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 376d0d3b704052af5fea24f143107179b06688524c68d5731c93c5c3b3ebc393

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 389 B
423 B 130ms
80ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=978d1135a83e6bd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.055121577617311734
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c46a67386e530cdaf2a43c268a7007bf255b451936e0c56717f9592bd9efa0a6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 389
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 389 B
423 B 118ms
68ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=9880e1b8299fc92&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.5199563855202176
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fdb432e7005054d461105ca1f1fd8774f78fda17760cf599d7c2a1ddb71abc43

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 389
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 69ms
21ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 76ms
13ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

86cfa492f6a3046e0686e3eb2c3e6b05af3b4a4eadf8ba8cea677bc328ad34be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: 4de87120-4201-4d50-b0a5-a7bab71f538b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 311 B
632 B 64ms
17ms Fetch
application/json 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: d04a74be7fd6cedd16505b6ec47ed8850474e89113c0c1b4d6fb6d89b4e2bd1b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 311
x-sid: AMS-929

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 111ms
51ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

370bd7d3f88ec9fc036525c0c536fdfbb1c7d6abb0c225a372554b82fb1bf18e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: be7577b4-2ec2-4cb3-b270-4dd5a1aef4c7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 68ms
1ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 25 B
277 B 81ms
22ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ba62dae25e95ca159c6c65fdd2538a85c1b836db40375b1576d916672c0ec928

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 123ms
56ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 61ms
0ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 15 KB
7 KB 128ms
70ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: d17f51aae2a75f2a2c89b66a3cbeaf643ae87885acbf40776305d5b62c6197eb

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 60
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
212 B 67ms
3ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 63ms
41ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 60ms
38ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 67ms
26ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=15278613152&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 393ms
351ms Script
text/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-219-119.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

041022670c958de62f58f35921410dad9c9d766ec5b5329db106ac1095157850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 533
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=829836357413403589&pixelIndex=0
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=829836357413403589&pixelIndex=0&google_gid=CAESELxTCMLj8ei0H0ofxBhQlao&google_cver=1

0
597 B

123ms
123ms

Script
text/javascript

52.44.115.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=829836357413403589&pixelIndex=0&google_gid=CAESELxTCMLj8ei0H0ofxBhQlao&google_cver=1
Protocol: HTTP/1.1
Server: 52.44.115.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-115-142.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=829836357413403589&pixelIndex=0&google_gid=CAESELxTCMLj8ei0H0ofxBhQlao&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 147ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=829836357413403589
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pushengage-web-sdk.js Show response
clientcdn.pushengage.com/sdks/ 37 KB
11 KB 97ms
22ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/sdks/pushengage-web-sdk.js
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/82c3d035-d327-4b2d-824f-4b1146fc1b96.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 0e7db155e4c34d8ad22382d0d23c4f30e3919b243c8ad4f852bce7bbe11777d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 01/08/2024 15:45:53
cdn-pullzone: 1148540
last-modified: Thu, 28 Dec 2023 07:34:14 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2921-18caf586406"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=1800
cdn-requestid: ed71b2a9e4c354499264c4f4817f884c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200 p Show response
cdp.omeda.com/olytics/segments/ 20 B
341 B 146ms
144ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdp.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 08 Jan 2024 16:34:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 20
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
cdp.omeda.com/olytics/segments/ Frame 0
0 172ms
129ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.180.130.159 Lincolnshire, United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cutimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Date: Mon, 08 Jan 2024 16:34:38 GMT
Keep-Alive: timeout=5
Server: Apache
vary: access-control-request-method,Access-Control-Request-Headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 164ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 08 Jan 2024 16:34:39 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/826604080/ 42 B
455 B 153ms
35ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/826604080/?random=1704731679016&cv=11&fst=1704729600000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&frm=0&tiba=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_4aTNR7JWxEP4Cpsq6wMRvRhNPJ9wdw&random=3984378962&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/826604080/ 42 B
455 B 155ms
38ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/826604080/?random=1704731679016&cv=11&fst=1704729600000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&frm=0&tiba=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_4aTNR7JWxEP4Cpsq6wMRvRhNPJ9wdw&random=3984378962&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 108ms
107ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 33ms
32ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 311 B
632 B 34ms
33ms Fetch
application/json 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: d04a74be7fd6cedd16505b6ec47ed8850474e89113c0c1b4d6fb6d89b4e2bd1b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 311
x-sid: AMS-929

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
10 KB 168ms
167ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e611b0be4e5c95931429efd863ff94fcb9931c737bae43e56cdb0a6b705a2a85

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
an-x-request-uuid: 8ebacdc7-5b18-4330-b4f4-9894ae4976c4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 41ms
38ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
233 B 32ms
30ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H3 200 prebid Show response
prebid.media.net/rtb/ 1 KB
707 B 100ms
99ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: f4b29ab5dd8cc1e0975579022f593789856d9d9a62853b843c082c69f4bb8e78

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 57
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 35ms
35ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

9bf8b6fe6777878f07a89d10cba93316422df31a35b0dfbb477d7944d5edb6f7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: ca370574-ccda-4eb0-9ed9-680d10b19f12
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
565 B 43ms
43ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 39ms
39ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
94 B 40ms
40ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ac7a01c8b391746a007cde8f14471f7ddfab811d92de9310b9fbd0de681b2b93

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 389 B
423 B 87ms
80ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=16047b32f8285e4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.019333710532875248
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9c78facc7b812a913538709a7679631774473e4b6ea283e6ed7897c937f51fbe

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 389
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 389 B
423 B 92ms
86ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=10&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=161ae0277946ff04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.8905998721125938
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a84d20e54c2116962b5423e7e2c4b8eed26fe56cdbeb1c104a97683da1e17d7f

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 389
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 46ms
40ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=36648711323&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 43ms
37ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
276 B 55ms
51ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dbcb941637b7eb24fd2d4f621b95154238879012cd231069feff3030d95dcf6d

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 410ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2429680573784973&ev=PageView&dl=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&rl=&if=false&ts=1704731679843&sw=1600&sh=1200&v=2.9.139&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1704731679842.1991640856&ler=empty&it=1704731679501&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jan 2024 16:34:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 383 B
165 B 498ms
492ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=4068561635676140&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc7f48c1e00d41c78%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_MZgGIXIccSW1wp2KD0n6I0X84K4Og&gpic=UID%3D00000d3d6f8e8d7e%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_Mb0n_XRXShRWi0F3zI8TQTXxUTEdQ&abxe=1&dt=1704731679847&lmt=1704731679&adxs=230&adys=623&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=1170x40&msz=1140x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dtop%26amznbid%3D2%26amznp%3D2%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D300x250%26hb_pb_medianet%3D0.02%26hb_adid_medianet%3D305bdf0b6f147825%26hb_bidder_medianet%3Dmedianet%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D305bdf0b6f147825%26hb_bidder%3Dmedianet&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=3800030089&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

941cf0b91596c6a3cad514836e2447cb0c5399ca8881d671fb8193b2aaf8e7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
213 B 47ms
33ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 389 B
423 B 103ms
91ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=2026053e6c14e3a4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.9985268507866485
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 529dbf3c924f433945bb884031d036df0e0b9c20d7f1f9c735e891fb041cdf18

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 389
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 389 B
423 B 89ms
77ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=20344ae9f1f0de2f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.6724043781028017
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 413d8800aa1cb604287d7191ac1a3d39b1724b93b17aaea34dd9a70c6b499e3a

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 389
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 45ms
34ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 45ms
41ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 41ms
37ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
94 B 41ms
34ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a32fdfe9251881d21b7013672cfa9bb9d18ec3ab59ec390817a5ee6032a44669

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 31ms
22ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 49ms
40ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

1545a4c726f0caeae31f3d93335ae2be80c9415679ac640c77b666918c5dc6be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: 5185b661-6810-408b-9cec-7d0831472cd6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 prebid Show response
prebid.media.net/rtb/ 14 KB
6 KB 85ms
79ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: c9d2b78bc1d108974dd23c4890adb381c9704e2426771287daeb0e623e77d351

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 25 B
277 B 53ms
45ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 577dbde57ff48de62dbb95c35f1e289fc59ed3ae2218e7f083c9071d1c65f9c6

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 33ms
26ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 46ms
39ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 311 B
632 B 39ms
33ms Fetch
application/json 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250%2C970x90%2B300x250_1%3A300x250%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: d04a74be7fd6cedd16505b6ec47ed8850474e89113c0c1b4d6fb6d89b4e2bd1b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 311
x-sid: AMS-929

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 134ms
129ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=55819678405&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 40ms
35ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d95fb6e728c0b89d6baf2e86fa2cb7b92aec01ace9bed8d12cb9697c6a3300a2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: 58203db2-3a8f-42ce-8267-6c1bfbb67ab8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 252
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 384 B
166 B 530ms
530ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2075241667185593&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc7f48c1e00d41c78%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_MZgGIXIccSW1wp2KD0n6I0X84K4Og&gpic=UID%3D00000d3d6f8e8d7e%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_Mb0n_XRXShRWi0F3zI8TQTXxUTEdQ&abxe=1&dt=1704731679922&lmt=1704731679&adxs=1090&adys=673&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dmiddle%26amznbid%3D2%26amznp%3D2%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D300x250%26hb_pb_medianet%3D0.00%26hb_adid_medianet%3D30928394f0c70519%26hb_bidder_medianet%3Dmedianet%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D30928394f0c70519%26hb_bidder%3Dmedianet&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=2769739108&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7712a00f39f633083fd3e0b103b69a5ad3048f7de94884dfce57dec76750e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 41ms
40ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
212 B 33ms
29ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: origin, Accept-Encoding

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
94 B 37ms
35ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: fb08e7a55700b7987f5903f347fcc8854f5e2c37f41770203ef51f456b2c601e

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 251 B
1 KB 42ms
40ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4760c756542255eb117abbe7d21da254745d112cfd5b486396fea7ed980d3084

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: a6b90d09-b862-4300-ab24-868516892bbf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 251
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 prebid Show response
prebid.media.net/rtb/ 1 KB
707 B 86ms
85ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: cbfdf0c16e6ec546e3635ca01c34ad1eefae83eb24a8533a83f16e849cfefb7c

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
10 KB 169ms
169ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c67d3c71fb83e6e0d407fc0d76cf77203dac743381262cfd271f59b04c90bce8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: gzip
an-x-request-uuid: 89e0ad99-0158-44c8-bd28-8f223b1e8e6f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 388 B
445 B 82ms
79ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=2569c5c25391d159&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.8626382469716305
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: adc6b7af6492922cc7308bc2a08629cd5e291cb90c7876e1a7f3060d2c995daf

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 388
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 388 B
422 B 89ms
87ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=2&alt_size_ids=55&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=257601ec0778b25&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.5664232495481785
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f9bf9fa651c8ae8e59e40dab22f71585e5a9f91eb209ddb5869f9d857f6321a1

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 388
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 25 B
277 B 48ms
46ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7dc2ca21be3d09e121d4a58cac22dab1cbce44f49bb038fa689fc8724ca9636b

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 40ms
39ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:38 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 41ms
40ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 83ms
82ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=10842765556&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 33ms
32ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 28ms
27ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 309 B
631 B 32ms
32ms Fetch
application/json 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=728x90_0%3A728x90%2C970x90%2B728x90_1%3A728x90%2C970x90&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: aa5158e02767782683bcc0f350c745e7ed420dc6dae59110dfcbdf371729a743

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 309
x-sid: AMS-929

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 24ms
21ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5816 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 12:10:23 GMT
expires: Tue, 07 Jan 2025 12:10:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 90DD 829 B
980 B 33ms
32ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ce14d2512ca31ed3d90519287548f6861854746ca56ceffcc378982d6d86644

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-semEGHmOg6u-U0Nuwt-x_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-semEGHmOg6u-U0Nuwt-x_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 16:34:40 GMT
expires: Mon, 08 Jan 2024 16:34:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 prebid Show response
prebid.media.net/rtb/ 1 KB
706 B 63ms
62ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUN4B97C
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 273525960d71d102a7c4af50c513ecce296ea3f52777f4e355257490b11a4514

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 16:34:39 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 48ms
48ms Fetch
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 369 B
403 B 85ms
79ms Fetch
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17046&site_id=490168&zone_id=2909278&size_id=15&rp_schain=1.0,1!yourbow.com,77,1,,,!coedmedia.com,31554135492,1,,,&rf=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.domain=cutimes.com&tg_i.page=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&tg_i.pbadslot=%2F21665826759%2Fcutimes%2Fhome&tk_flint=pbjs_lite_v8.13.0&l_pb_bid_id=28169042c0dbb2d6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21665826759%2Fcutimes%2Fhome&slots=1&rand=0.6281670019917149
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ab8e4ac812d7261fdedd2f4085344b688b755b3ec8dfea8c87a603d1d276016a

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 369
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
94 B 40ms
39ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 9d04336e793ddeedfaad8312aca744e6ee10f4e3c9070461f6ff6cca636baa95

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
210 B 37ms
33ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 44ms
37ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.13.0&cb=95091573349&lsavail=0

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 37ms
31ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 36ms
29ms Fetch 35.157.26.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.26.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-26-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.cutimes.com
date: Mon, 08 Jan 2024 16:34:39 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 52ms
46ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
10 KB 136ms
129ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

ca24e241e6b5919583a0aeca5d25f0618a016816aad5520f05cfca4995a88d31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: gzip
an-x-request-uuid: d60fd324-9323-4688-887d-762ab9213714
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 25 B
277 B 53ms
45ms Fetch
application/json 34.250.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.13.0
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.5.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-5-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f43c52877d10206ab079f2a2a10cdd8437460773c5cb185cdc75b6f44c907459

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 08 Jan 2024 16:34:39 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.cutimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 25

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 140 B
986 B 39ms
33ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

1e3249064a4012534a6a83094f9346df5796096a6590bbbcc1c1055aab9ecf3e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
an-x-request-uuid: 2a3431a3-ba61-40f9-bd00-a70b3a3bd622
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 140
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ 293 B
615 B 37ms
30ms Fetch
application/json 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/5fc14/1/www.cutimes.com/ROS?rnd=0.013208788199184918&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&pbv=8.13.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 7af574c88fca5bc6f3a13236dbd90386f1da38f52355f02ba22093f43e85c209

Request headers

Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

expires: Mon, 08 Jan 2024 16:34:39 GMT
date: Mon, 08 Jan 2024 16:34:39 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://www.cutimes.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 293
x-sid: AMS-929

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 384 B
166 B 409ms
406ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2113567281736773&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc7f48c1e00d41c78%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_MZgGIXIccSW1wp2KD0n6I0X84K4Og&gpic=UID%3D00000d3d6f8e8d7e%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_Mb0n_XRXShRWi0F3zI8TQTXxUTEdQ&abxe=1&dt=1704731680011&lmt=1704731680&adxs=1090&adys=1102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dmiddle1%26amznbid%3D2%26amznp%3D2%26hb_format_bluTonic%3Dbanner%26hb_size_bluTonic%3D300x600%26hb_pb_bluTonic%3D0.03%26hb_adid_bluTonic%3D3146b76ff8ce90e6%26hb_bidder_bluTonic%3DbluTonic%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D3146b76ff8ce90e6%26hb_bidder%3DbluTonic&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=825742739&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eb815248d6e9fedef4b63a7caec0cecaa6a543af0a9321547f2b3c85822b2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 311 B
161 B 62ms
61ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2909301563038755&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=729x90&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc7f48c1e00d41c78%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_MZgGIXIccSW1wp2KD0n6I0X84K4Og&gpic=UID%3D00000d3d6f8e8d7e%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_Mb0n_XRXShRWi0F3zI8TQTXxUTEdQ&abxe=1&dt=1704731680044&lmt=1704731680&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=1600x8238&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dfooter%26amznbid%3D2%26amznp%3D2%26hb_format_medianet%3Dbanner%26hb_size_medianet%3D300x250%26hb_pb_medianet%3D0.01%26hb_adid_medianet%3D313a95d14bcdac64%26hb_bidder_medianet%3Dmedianet%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D313a95d14bcdac64%26hb_bidder%3Dmedianet&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=3129128528&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0504eb70d9568e33fdfa548b40d7e87b55f6478c6b8fb299d50bc1d363404476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics Show response
go.alm.com/ 50 B
1 KB 512ms
267ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alm.com/analytics?conly=true&visitor_id=193618294&visitor_id_sign=3f4787d61099a6ebc38fbd892b935334bb027bf3a4feb9ea3c921320bba217a05773dbdcc5accaa250ab847f3f0aaa5e7f66d9ff&pi_opt_in=&campaign_id=70855&account_id=998701&title=Credit%20Union%20Times%20|%20Accurate%20and%20Timely%20CU%20News%20|%20Credit%20Union%20Times&url=https://www.cutimes.com/?slreturn=20240008113432&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=70855&account_id=998701&title=Credit%20Union%20Times%20%7C%20Accurate%20and%20Timely%20CU%20News%20%7C%20Credit%20Union%20Times&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 08 Jan 2024 16:34:40 GMT
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 184ms
69ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Jan 2024 16:34:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 312 B
163 B 66ms
65ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1054820398644206&correlator=2463908519190376&eid=31080284%2C31080297%2C31079234%2C21065724&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=21665826759%2Ccutimes%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1400x320%7C1200x250%7C1200x600&ifi=13&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc7f48c1e00d41c78%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_MZgGIXIccSW1wp2KD0n6I0X84K4Og&gpic=UID%3D00000d3d6f8e8d7e%3AT%3D1704731679%3ART%3D1704731679%3AS%3DALNI_Mb0n_XRXShRWi0F3zI8TQTXxUTEdQ&abxe=1&dt=1704731680305&lmt=1704731680&adxs=100&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cutimes.com%2F%3Fslreturn%3D20240008113432&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=757004372.1704731680&ga_sid=1704731680&ga_hid=510747708&ga_fc=false&dlt=1704731676974&idt=2111&prev_scp=position%3Dsuper_hero%26amznbid%3D2%26amznp%3D2%26hb_format_bluTonic%3Dbanner%26hb_size_bluTonic%3D300x250%26hb_pb_bluTonic%3D0.01%26hb_adid_bluTonic%3D31815be8b9045fc4%26hb_bidder_bluTonic%3DbluTonic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D31815be8b9045fc4%26hb_bidder%3DbluTonic&cust_params=bmb%3Dind_98%252Cre_6%252Csz_6%252CRAC%252CLSV%252CITC%252CBPE%252CEDIS%252CCFIN%252CLMC%252CPFIN%252CBFIN%252CLHR%252CITCBY%252CFCALL%252CAAB%252CINSPROD%252CLTL%252CPCL%252CFPL%252CWLN%252CCRY%252CCLAIM%252CMKT%252CESS%252CRISK%252CRMC%252CIRC%252CCYB%252CBMHR%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26page_number%3D1%26email_domain%3Dnone&adks=1904320120&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd34aa73df6051b867a4483074ba90481a74d7692fa4f147bf106341f16f7a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cutimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 90DD 0
0 102ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=1054820398644206&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5816 39 KB
15 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 14:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 14:08:44 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B8FF 14 KB
6 KB 164ms
42ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.cutimes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 16:34:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 331303
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 144ms
73ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 09 Jan 2024 16:34:40 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5816 0
10 B 28ms
27ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zw9__Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 628B 8 KB
2 KB 178ms
178ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f489f7a07fbad0b9cd48bbda22f0b291804aed380bd1d158c51985072cb5d1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smart_cutimes.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8425d96b19605902-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 16:34:40 GMT
expires: now
link: </img/a/pss/2232/12.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 5E0D 7 KB
2 KB 197ms
179ms Document
text/html 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/tcfredirector.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71b79ace2c71922221de3f0ef463eee85b848da0220a7d5afb57c06ba3388f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smart_cutimes.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8425d96b7a135902-TXL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 16:34:40 GMT
expires: now
link: </img/a/pss/1972/61.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 169ms
168ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.cutimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 64E75E996769474DBCF8399BF43F08B1 Ref B: FRAEDGE1812 Ref C: 2024-01-08T16:34:40Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.cutimes.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYOccZC0YucTllWvlIfwg==

GET
H2

200

sid Show response
mug.criteo.com/ Frame B8FF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=cutimes.com&sn=ChromeSyncframe&so=0&topUrl=www.cutimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=MR8pbnxCR3JKb3pwbnZ3aGFKaHNmbm9lNXorbkYxRGxBY2pyZTVOL0lLTUMyU0U3MHYxQStCRjV2a290dys2dHhLQWNjbUh5bGQreTBBQnJBY1N5djhDTVYwbUw1WEYyQWxVcnkwYzcxZTVSTmtaSjMzR3JYS3pIaGZXU2...

433 B
658 B

39ms
38ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MR8pbnxCR3JKb3pwbnZ3aGFKaHNmbm9lNXorbkYxRGxBY2pyZTVOL0lLTUMyU0U3MHYxQStCRjV2a290dys2dHhLQWNjbUh5bGQreTBBQnJBY1N5djhDTVYwbUw1WEYyQWxVcnkwYzcxZTVSTmtaSjMzR3JYS3pIaGZXU2NwR0hROFM3RmVwbmV2cWcrR2tlbDdTd09jbGRGWGdNRGw4bytTVXlqc1JCMUpYbnlUT1FMN1JRNXZGM0Y5aDdGY1ZiVGllbUs1R0lEVm5jREJZSEdpSjhjQ0tXRlJERVdaSkVTYTlWdENuS3A1V0RuZlB5WCt0bVBDRElZbmRSRmVoWDZOZ2N6a3lwTWlZYUFkemdlUVROOVgvVzIrTFlXRkh5dzhhQjcraENSU203cUpyRT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb73804608c24294f5637165ca8bd1e02ffd861ca044d14f63f53da2279f1690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1369106
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=MR8pbnxCR3JKb3pwbnZ3aGFKaHNmbm9lNXorbkYxRGxBY2pyZTVOL0lLTUMyU0U3MHYxQStCRjV2a290dys2dHhLQWNjbUh5bGQreTBBQnJBY1N5djhDTVYwbUw1WEYyQWxVcnkwYzcxZTVSTmtaSjMzR3JYS3pIaGZXU2NwR0hROFM3RmVwbmV2cWcrR2tlbDdTd09jbGRGWGdNRGw4bytTVXlqc1JCMUpYbnlUT1FMN1JRNXZGM0Y5aDdGY1ZiVGllbUs1R0lEVm5jREJZSEdpSjhjQ0tXRlJERVdaSkVTYTlWdENuS3A1V0RuZlB5WCt0bVBDRElZbmRSRmVoWDZOZ2N6a3lwTWlZYUFkemdlUVROOVgvVzIrTFlXRkh5dzhhQjcraENSU203cUpyRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 306534
content-length: 0
expires: 0

GET
H2 200 12.css
www.dianomi.com/img/a/pss/2232/ Frame 628B 2 KB
937 B 47ms
45ms Stylesheet
text/css 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/2232/12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1455806
cf-polished: origSize=2446
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:07:00 GMT
server: cloudflare
etag: W/"98e-60525c3fadb30"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 8425d96c3ba15902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 628B 8 KB
3 KB 49ms
44ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 56
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 14:33:52 GMT
server: cloudflare
etag: W/"32de-5fa523edf86e0"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 8425d96c3bbf5902-TXL
expires: Mon, 08 Jan 2024 16:36:40 GMT

GET
H2 200 VfG99MCoyKoAAGpDgiIAAAAI.png
www.dianomi.com/img/uploads/ Frame 628B 1 KB
1 KB 45ms
40ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/VfG99MCoyKoAAGpDgiIAAAAI.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1378421
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="VfG99MCoyKoAAGpDgiIAAAAI.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Aug 2020 16:33:27 GMT
server: cloudflare
etag: "f64-5ac380c3ca3c0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96c3bc15902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/312977/8/ Frame 628B 8 KB
9 KB 45ms
41ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/312977/8/263x200.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9797e504cf739152795de720ebd8a59627e5e34d2d9fbe5e1417e9a6104d6e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 282462
cf-polished: qual=85, origFmt=jpeg, origSize=27165
content-disposition: inline; filename="263x200.webp"
content-length: 8578
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Jan 2024 10:06:44 GMT
server: cloudflare
etag: "6a1d-60e30015ba7f8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96c3bc25902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/222440/7/ Frame 628B 13 KB
13 KB 44ms
41ms Image
image/jpeg 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/222440/7/263x200.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3765c800e5f93a24b4ebf90945b65abc6103e53cda80ed41a34aff57c8dd9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 653235
cf-polished: degrade=85, origSize=26850, status=webp_bigger
content-length: 13545
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 30 Nov 2023 09:21:26 GMT
server: cloudflare
etag: "68e2-60b5b2d10c090"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96c8c585902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/222436/6/ Frame 628B 21 KB
21 KB 58ms
56ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/222436/6/263x200.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1298eeb75edb1d13521b8d53110ec91a15be2ab59ae348be7dafff0493bff7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 653235
cf-polished: qual=85, origFmt=jpeg, origSize=42378
content-disposition: inline; filename="263x200.webp"
content-length: 20994
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Dec 2023 01:24:41 GMT
server: cloudflare
etag: "a58a-60cd2bb19d9f8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96c8c5b5902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/312851/4/ Frame 628B 10 KB
11 KB 63ms
60ms Image
image/jpeg 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/312851/4/263x200.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8669ed05a1a3cc143027392c230c291578b31d80e3596f90d5fee008d9ad8f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 615811
cf-polished: degrade=85, origSize=22320, status=webp_bigger
content-length: 10747
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 28 Dec 2023 15:17:34 GMT
server: cloudflare
etag: "5730-60d936a4b0558"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96c8c5c5902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 263x200.jpg
www.dianomi.com/img/a/sav2/131880/15/ Frame 628B 15 KB
15 KB 65ms
62ms Image
image/jpeg 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/131880/15/263x200.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb50d904db44b3985dc1b402000ee05d09a5df0b83e3cf9296ca30286807714

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 610442
cf-polished: degrade=85, origSize=24450, status=webp_bigger
content-length: 15120
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Dec 2023 07:37:49 GMT
server: cloudflare
etag: "5f82-60cd7f17e4858"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96c8c5d5902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame 628B 0
160 B 95ms
65ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0xB5A6D83C9F694E299389C6EE7A69C294&third_party_tracking=1&consent_string=&smartad_id=3420&partner_id=1012

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8425d96cacc65902-TXL
access-control-allow-headers: dianomi-force-dmp

GET
H2 200 61.css
www.dianomi.com/img/a/pss/1972/ Frame 5E0D 2 KB
989 B 45ms
45ms Stylesheet
text/css 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/1972/61.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1223096
cf-polished: origSize=2947
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 11 Oct 2023 02:43:11 GMT
server: cloudflare
etag: W/"b83-60767c8c0ac00"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 8425d96cacad5902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 5E0D 8 KB
3 KB 42ms
41ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 56
cf-polished: origSize=13022
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 14:33:52 GMT
server: cloudflare
etag: W/"32de-5fa523edf86e0"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 8425d96cacc05902-TXL
expires: Mon, 08 Jan 2024 16:36:40 GMT

GET
H2 200 pixeljs Show response
data.dianomi.com/frontend/ Frame 5E0D 0
43 B 69ms
69ms Script
application/javascript 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.dianomi.com/frontend/pixeljs?tagname=dianomi_tag_params_0x0849F373913C4EB280317569058A798F&third_party_tracking=1&consent_string=&smartad_id=3421&partner_id=1012

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
content-length: 0
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8425d96ced4c5902-TXL
access-control-allow-headers: dianomi-force-dmp

GET
H2 200 Ufe3LcCoyKoAADivRIsAAAAC.png
www.dianomi.com/img/uploads/ Frame 5E0D 1 KB
1 KB 58ms
56ms Image
image/webp 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/Ufe3LcCoyKoAADivRIsAAAAC.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:40 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1168188
cf-polished: origFmt=png, origSize=2126
content-disposition: inline; filename="Ufe3LcCoyKoAADivRIsAAAAC.webp"
content-length: 1026
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Aug 2020 14:28:40 GMT
server: cloudflare
etag: "84e-5acc31eddb600"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8425d96d5e595902-TXL
expires: Thu, 08 Feb 2024 02:34:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=1054820398644206&bg=!7O-l76DNAAY3kmNgF5I7ADQBe5WfOApReBreYQVNhobmIjWS5V9bEO0gq1UPMfZpCSxUghowBaON-NSn0ky3jsjhyZUWAgAAAGpSAAAAAmgBBwoAjVbeuP5Hbn1T1nmoBvEFy-GmnuI4TGsGGs4VPaBzWGeasL-kulyrvfKBPo1zCBK7CW_5oSWoCFa1NAWMfJcP3OIa-8TKgYWATiTDatbhyirE2rz4AOpO_k4xYatd8rVGDgtNSmmhwRRpgD06BRVoefrnhke-jGMesidChEVlDALHVvyqpHgHu9G_P5ByaJkCvuRJRzOR7rdG028j2tzNqHe5Fx-GI4Vt1e5Ewfszr_1b515KudprJBEHPrjk9ld5nc3jMcH1hYUfSPy3G_Qgsts_T0NsCPO4h4v1QBTvdZB_0Ykr5_SS76tUCxT6j2i8bla0Tk5YtwZptDy_DtImXEssQlJ0-VvBrxi7wL1fk4sfoJZONW3TJKENv2SrR8CnMeUlofGvjx-oeXOCkF1W6OblVAnbc2FRJoCKZzx5qJC9KQsI6jIYUWUDIYY0OaBapmP9LO_XubadHj4p483Cv6Nl5xaMHtXLnA5c4DZ8HKEYFHebG5ST013hWvqXyOyIV6GP122e-g_usaL97M6cuZ8iA8ZF5t7iSI2OddOx892VMp3Adbz6t-qDpobRzDOl2J2okmHqrAEZ6d2dkbrIvsjsq_pEYQ95EUeRKmb82-wa8yoyv3zNo5YgkIoKRFFu9xKEnP-pgW7AybUbvNXLprwfg6jUSG01IQBVaJ9g4cwHz5hQR50RgWxU1XRS6T2311YfRktCmifnGrRpaKgZ0EjfROD1MDaaaPtC1jvfoWbBfgwt8dd0apUxXAa2XuU0yGFWjF-s5TDD8FxXU4eu99Zns3nI96PEDnS9Vg-ZLfSW-k5K_MdyKaXSpKnHOkDGjXuWcBHW4BdaA0hinAqSmmjo8YZetqgTeZZq_gMYG5K7Y6IF3X5ez2BmqfV5N5R79VgM6yOtQYQo6VpLm9q1am7OiuelQD2eSQq4CBwxVpWm0_lg_8fcWsHqC6OH_PiBqwMM25gcb9oWrIi1J7OM_kwbFZ4FPTuDV7o1q_iY3s1_q4eJ0-mE8Fyq3J5foi2e8yYA8GMd0HHZGuI7m-7pstwvQr5QnQhCASrR2liFY3_nuSR5y7wtmQrZheUU9NTe55i6tMuDR_0lJwismqcVq4DeMxfSv7P0xN0JBs9CAw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cutimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 5E0D 77 B
285 B 144ms
143ms XHR
image/gif 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=222436&smartad_variant_id=6052&device_type=computer&geo_state=thueringen&impression_id=ZZwkIAIafOGR7Wx0j5TJMgAAACM&adgroup_variant_ids=225240,131881,312974,222436,222440&geo_ccod=de&geo_dma=&smartad_id=3421

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:41 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8425d9701ca35902-TXL
content-length: 77
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 16:34:41 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 5E0D 77 B
137 B 144ms
144ms XHR
image/gif 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=222440&smartad_variant_id=6052&device_type=computer&geo_state=thueringen&impression_id=ZZwkIAIafOGR7Wx0j5TJMgAAACM&adgroup_variant_ids=225240,131881,312974,222436,222440&geo_ccod=de&geo_dma=&smartad_id=3421

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:41 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8425d9701ca75902-TXL
content-length: 77
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 16:34:41 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 5E0D 77 B
137 B 156ms
155ms XHR
image/gif 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=312974&smartad_variant_id=6052&device_type=computer&geo_state=thueringen&impression_id=ZZwkIAIafOGR7Wx0j5TJMgAAACM&adgroup_variant_ids=225240,131881,312974,222436,222440&geo_ccod=de&geo_dma=&smartad_id=3421

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:41 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8425d9701ca95902-TXL
content-length: 77
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 16:34:41 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 5E0D 77 B
138 B 158ms
157ms XHR
image/gif 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=225240&smartad_variant_id=6052&device_type=computer&geo_state=thueringen&impression_id=ZZwkIAIafOGR7Wx0j5TJMgAAACM&adgroup_variant_ids=225240,131881,312974,222436,222440&geo_ccod=de&geo_dma=&smartad_id=3421

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:41 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8425d9701cad5902-TXL
content-length: 77
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 16:34:41 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame 5E0D 77 B
139 B 163ms
163ms XHR
image/gif 172.64.146.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=131881&smartad_variant_id=6052&device_type=computer&geo_state=thueringen&impression_id=ZZwkIAIafOGR7Wx0j5TJMgAAACM&adgroup_variant_ids=225240,131881,312974,222436,222440&geo_ccod=de&geo_dma=&smartad_id=3421

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:41 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8425d9701cae5902-TXL
content-length: 77
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 16:34:41 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame CAB9 23 KB
8 KB 148ms
63ms Document
text/html 88.221.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUN4B97C&prvid=2034%2C2055%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C237%2C238%2C338%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C2043%2C3011%2C182%2C262%2C461%2C244%2C201%2C2039%2C246%2C4%2C126%2C203%2C10000%2C108%2C9%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.22 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0d91c3104f02675a1a7fd3eb9e4fb0b5f7da67f199e90c6f0318ea47f8c121e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 8431
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 16:34:42 GMT
expires: Wed, 10 Jan 2024 16:34:42 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 / Show response
spl.zeotap.com/ Frame AF18 9 KB
2 KB 97ms
42ms Document
text/html 2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af1c34887f3f2535904a83d4c37ad072209913fbc6a908375ad516a4251df48

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.cutimes.com
cf-cache-status: DYNAMIC
cf-ray: 8425d979be1d9052-FRA
content-encoding: br
content-type: text/html
date: Mon, 08 Jan 2024 16:34:42 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B3FB 16 KB
6 KB 100ms
29ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=148697
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 08 Jan 2024 16:34:42 GMT
expires: Wed, 10 Jan 2024 09:52:59 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 3355 0
0 29ms
29ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 08 Jan 2024 16:34:42 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1

GET
H2 204 /
onetag-sys.com/usync/ Frame DD31 0
0 22ms
21ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1704731679745

Requested by

Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BC34 52 KB
17 KB 131ms
29ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 08 Jan 2024 16:34:42 GMT
ETag: "623de86a-cf34"
Expires: Tue, 09 Jan 2024 16:34:44 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 pd Show response
yourbow-d.openx.net/w/1.0/ Frame C751 199 B
298 B 103ms
31ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://yourbow-d.openx.net/w/1.0/pd
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 08 Jan 2024 16:34:42 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7944 281 B
555 B 136ms
36ms Document
text/html 88.221.125.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.yourbow.com
URL: https://cdn.yourbow.com/alm/cutimes/hbyb.js?2024-01-08-11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.cutimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Jan 2024 16:34:42 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 400 getuid
ib.adnxs.com/ Frame AF18 0
0 41ms
34ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame AF18 170 B
243 B 38ms
31ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=cdc27ede-7a2a-43d2-84e3-6520bc8f9306&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b...

95 B
177 B

38ms
38ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=cdc27ede-7a2a-43d2-84e3-6520bc8f9306&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97b3f739052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Mon, 08 Jan 2024 16:34:43 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=cdc27ede-7a2a-43d2-84e3-6520bc8f9306&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame AF18 0
454 B 118ms
41ms Image
text/plain 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame AF18 70 B
149 B 150ms
53ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:42 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame AF18 0
203 B 79ms
28ms Image
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Mon, 08 Jan 2024 16:34:42 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230118-FRA
server: nginx
x-timer: S1704731683.934288,VS0,VE8
x-fastly-to-nlb-rtt: 7498
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame AF18 0
460 B 399ms
114ms Image
text/html 2600:1f18:6593:f602:8bd3:480b:a39:d536
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 16:34:43 GMT
X-Fw-Request-Id: ume3124_1704731683223175196
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame AF18 0
163 B 149ms
45ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 08 Jan 2024 16:34:41 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET genericusersync.ashx
sync.tidaltv.com/ Frame AF18 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dec5098c-cca1-4483-69b7-dae58bda9e24&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://mwzeom.zeotap.com/mw?cid=08219036741481454810063309085684041017&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-...

95 B
154 B

82ms
66ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=08219036741481454810063309085684041017&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:42 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97a7ec49052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

dcs: dcs-prod-irl1-1-v054-037a2ac12.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 08 Jan 2024 16:34:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: QYV0gYasRTw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://mwzeom.zeotap.com/mw?cid=08219036741481454810063309085684041017&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame AF18 0
324 B 211ms
46ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET zeotap.php
bn01.er.bemail.it/ Frame AF18 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7321766822678821012&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-...

95 B
154 B

43ms
42ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7321766822678821012&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:42 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97a9ee29052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7321766822678821012&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Date: Mon, 08 Jan 2024 16:34:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame AF18
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=dec5098c-cca1-4483-69b7-dae58bda9e24
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dec5098c-cca1-4483-69b7-dae58bda9e24

95 B
428 B

62ms
62ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dec5098c-cca1-4483-69b7-dae58bda9e24

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Mon, 08 Jan 2024 16:34:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dec5098c-cca1-4483-69b7-dae58bda9e24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=VBhRHXGHXJMS5OWnXWIk0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f...

95 B
154 B

38ms
37ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=VBhRHXGHXJMS5OWnXWIk0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97b6fad9052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:42 GMT
via: 1.1 google
last-modified: Mon, 08 Jan 2024 16:34:43 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=VBhRHXGHXJMS5OWnXWIk0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame AF18 0
84 B 103ms
26ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=dec5098c-cca1-4483-69b7-dae58bda9e24&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:43 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dec5098c-cca1-4483-69b7-dae58bda9e24?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

95 B
165 B

52ms
41ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:42 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97a7ec19052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:42 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
cache-control: no-cache
x-server: 10.45.22.126
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-N7F5gHtE2opfIl2uInQg3kh4PtocpO4E9Q--~A&zpartnerid=570&env=mWeb

95 B
154 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-N7F5gHtE2opfIl2uInQg3kh4PtocpO4E9Q--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97b9fd19052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-N7F5gHtE2opfIl2uInQg3kh4PtocpO4E9Q--~A&zpartnerid=570&env=mWeb
date: Mon, 08 Jan 2024 16:34:43 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=UCbPtDdKYrU0c1NfnLgbqiyqOf9KXs51%2BS41iYitP1U%3D

95 B
154 B

42ms
42ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=UCbPtDdKYrU0c1NfnLgbqiyqOf9KXs51%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97c38519052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:43 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=UCbPtDdKYrU0c1NfnLgbqiyqOf9KXs51%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame AF18 42 B
204 B 97ms
35ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame AF18 0
338 B 162ms
44ms Image
text/plain 54.246.208.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.208.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Mon, 08 Jan 2024 16:34:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=59 t=1704731683
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame AF18 0
60 B 364ms
29ms Image
text/plain 168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: nginx / PHP/8.2.5
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:33:05 GMT
x-powered-by: PHP/8.2.5
server: nginx

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZZwkHwAAAJFWvwNx&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf...

95 B
154 B

36ms
35ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZZwkHwAAAJFWvwNx&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97c88969052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-fra-etou8220102-FRA
pragma: no-cache
date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1704731683.165594,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZZwkHwAAAJFWvwNx&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame AF18
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bed...

0
337 B

43ms
43ms

Image
text/plain

54.246.208.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 54.246.208.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Mon, 08 Jan 2024 16:34:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1704731683
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
date: Mon, 08 Jan 2024 16:34:43 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame AF18
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b...

43 B
568 B

46ms
46ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 16:34:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FV8F0N2TSRGC85N544QW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 08 Jan 2024 16:34:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J3QE7Y4M89XD2ZDBDSE5
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame AF18 0
145 B 290ms
190ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

95 B
154 B

38ms
38ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97cc8ce9052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
date: Mon, 08 Jan 2024 16:34:43 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda...
https://mwzeom.zeotap.com/mw?cid=LR55866A-Z-G7CY&env=mWeb&zpartnerid=1770&gdpr=1

95 B
154 B

37ms
36ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LR55866A-Z-G7CY&env=mWeb&zpartnerid=1770&gdpr=1

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97c98a09052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LR55866A-Z-G7CY&env=mWeb&zpartnerid=1770&gdpr=1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 syncd
x.bidswitch.net/ Frame AF18 43 B
146 B 169ms
23ms Image
image/gif 52.58.206.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddec5098c-cca1-4483-69b7-dae58bda9e24%26reqId%3Dea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.206.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-206-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame AF18 95 B
154 B 37ms
37ms Image
image/png 2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97c88999052-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame AF18
Redirect Chain

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
https://mwzeom.zeotap.com/mw?cid=1sXVANLE3lDNxY0B0cTBV4PD2ALNwdgF0JYDGi_g&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=dec5098c-cca1-448...

95 B
154 B

35ms
35ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=1sXVANLE3lDNxY0B0cTBV4PD2ALNwdgF0JYDGi_g&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97d39179052-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://mwzeom.zeotap.com/mw?cid=1sXVANLE3lDNxY0B0cTBV4PD2ALNwdgF0JYDGi_g&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=dec5098c-cca1-4483-69b7-dae58bda9e24&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame AF18 557 B
467 B 39ms
37ms Script
text/plain 2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b6d597b6dd9ec8dd3ef761e0da63c9d0459c446301d9b1d3b4f35bc43c1385

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:42 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 8425d97a0e609052-FRA
access-control-allow-headers: *

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B3FB 0
42 B 131ms
45ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90890957&p=158370&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 16:34:41 GMT
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame BC34 0
763 B 35ms
35ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:42 GMT
an-x-request-uuid: 51eddc18-aed5-4ca7-bca3-e0a3c7e7310e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7944 45 KB
13 KB 77ms
76ms Script
text/html 88.221.125.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-125-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b81b83026ec3168e76506924d817676ead421b22da3f29085eb85fc71bce31ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 16:34:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jan 2024 22:49:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22504
Connection: keep-alive
Content-Length: 13174
Expires: Mon, 08 Jan 2024 22:49:46 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7944 7 B
380 B 113ms
24ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame BC34 0
763 B 37ms
37ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jan 2024 16:34:43 GMT
an-x-request-uuid: 59b340f1-b21a-4244-b16c-780dffc12d10
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cutimes.com
URL: https://www.cutimes.com/assets/master-template/js/release/lazyloadXT.min.js

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Domain: bn01.er.bemail.it
URL: https://bn01.er.bemail.it/zeotap.php?_bid=dec5098c-cca1-4483-69b7-dae58bda9e24&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361

Verdicts & Comments Add Verdict or Comment

347 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
store.law.com/	1970-01-20 17:32:15	Name: regSID Value: abbce637-ee4d-4394-b941-98804a9f463c
.law.com/	1970-01-20 17:32:54	Name: ipAddress Value: 5VQ6acdVEpUppHUuskY%3d
.law.com/	1970-01-21 03:08:11	Name: UCID Value: 2c5c9656-81af-4665-bbd0-e1b158ff481d
store.law.com/	1970-01-20 17:32:54	Name: CSRFToken Value: DoeYqRzCNKTZhGPIzc8zl5sBQ84rrwwHgLaqsf9VUGw
.law.com/	1970-01-20 17:32:54	Name: ActiveDomains Value: pBFiNZNKRc5v%2fCBl81BBygc%3d
store.cutimes.com/	1970-01-20 17:32:15	Name: regSID Value: 438aec53-83c5-4b0b-b5ab-73038be5c9f2
.cutimes.com/	1970-01-20 17:32:54	Name: ipAddress Value: 5VU9dsxVRI0rr386skoSn1mcNXBuHuI%3d
.cutimes.com/	1970-01-21 03:08:11	Name: UCID Value: f32cbf28-06dc-43b9-9fed-960d6f3a638a
www.cutimes.com/	1970-01-21 02:17:47	Name: ssoCompliant Value:
.cutimes.com/	1970-01-21 02:17:47	Name: utag_main Value: v_id:018ce9ed1680000f79d03949170003074003006c00b08$_sn:1$_se:1$_ss:1$_st:1704733478338$ses_id:1704731678338%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:cutimes.com
.cutimes.com/	1970-01-21 02:17:47	Name: oly_fire_id Value: 3348C6813023A1M
.cutimes.com/	1970-01-21 02:17:47	Name: oly_anon_id Value: 2f2e9272-ed8b-4468-966b-aa499b286c8c
www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.demdex.net/	1970-01-20 21:51:23	Name: demdex Value: 08219036741481454810063309085684041017
.adnxs.com/	1970-01-20 19:41:47	Name: uuid2 Value: 829836357413403589
www.cutimes.com/	1970-01-20 17:33:38	Name: almGeoLoc2 Value: DE
.cutimes.com/	1970-01-21 02:17:47	Name: cf_clearance Value: dObRu8mvmOtvv_lAOQA_9i5sKzUzGE9ZBXKjfgLaXPc-1704731678-0-2-f16d0d37.73d6ee16.a66c52d7-0.2.1704731678
.cutimes.com/	1970-01-20 17:32:11	Name: lotame_domain_check Value: cutimes.com
.cutimes.com/	1969-12-31 23:59:59	Name: AMCVS_96C4370453295E4C0A490D44%40AdobeOrg Value: 1
.cutimes.com/	1970-01-21 03:00:59	Name: _cb Value: D1V55wCX4NTkCYa--_
.cutimes.com/	1970-01-21 03:00:59	Name: _chartbeat2 Value: .1704731678867.1704731678867.1.Vv4cbBJQ2ePCFv5CKBRPgonCHiNm4.1
.cutimes.com/	1970-01-20 17:32:13	Name: _cb_svref Value: external
.cutimes.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.cutimes.com/	1969-12-31 23:59:59	Name: s_tp Value: 8107
.cutimes.com/	1969-12-31 23:59:59	Name: s_ppv Value: cut%253Ahome%2C15%2C15%2C15%2C1200%2C6%2C1
.cutimes.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.cutimes.com/	1970-01-20 19:41:47	Name: _gcl_au Value: 1.1.486972397.1704731679
.everesttech.net/	1970-01-21 02:17:47	Name: everest_g_v2 Value: g_surferid~ZZwkHwAAAJFWvwNx
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
prebid.a-mo.net/	1970-01-20 17:32:11	Name: _Amc_b Value: 0
.dpmsrv.com/	1970-01-21 03:08:11	Name: dpm_pxl Value: effe6b4030fa559b9b78beabaa4d6379af163e12
.dpmsrv.com/	1970-01-21 03:08:11	Name: dpm_pxl_aid Value: 829836357413403589
.rubiconproject.com/	1970-01-21 02:17:47	Name: khaos Value: LR55866A-Z-G7CY
.rubiconproject.com/	1970-01-21 02:17:47	Name: audit Value: 1\|hLZGFuTafB0O7vQw8qz6n7U1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+zBe3jAGcAo5+EMertEmWyaHhfnFT4rLmuBxGCOXoSK1I8bbQ2uRe5K+xUA9sgf/4b7FQD2yB//h
www.cutimes.com/	1970-01-20 17:32:11	Name: olytics_dfp_keys Value: []
.dpm.demdex.net/	1970-01-20 21:51:23	Name: dpm Value: 08219036741481454810063309085684041017
.e-planning.net/	1970-01-21 03:08:11	Name: E Value: AEfEPuIrloICaCnv
.linkedin.com/	1970-01-20 19:41:47	Name: li_sugr Value: e596b6ea-653a-4eea-921d-d13542921e5d
.linkedin.com/	1970-01-21 02:17:47	Name: bcookie Value: "v=2&14d52b10-a86f-415e-83cc-8ac14b95a694"
.linkedin.com/	1970-01-20 17:33:38	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3163:u=1:x=1:i=1704731679:t=1704818079:v=2:sig=AQGGO-QfmfSJg3ekxUWF3wSOQOIziwPr"
.cutimes.com/	1970-01-21 03:08:11	Name: AMCV_96C4370453295E4C0A490D44%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19731%7CMCMID%7C03712930131070338651053859120817671033%7CMCAAMLH-1705336478%7C6%7CMCAAMB-1705336478%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1704738878s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19738%7CvVersion%7C4.4.0
.doubleclick.net/	1970-01-21 02:53:47	Name: IDE Value: AHWqTUkQsI6MNNCmAUTmGS_IP5ZUe-YK16tvoTOGLRL4-TTj2UwICyIxPeRG4vo0TOQ
www.cutimes.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.cutimes.com/	1970-01-21 02:53:47	Name: __gads Value: ID=c7f48c1e00d41c78:T=1704731679:RT=1704731679:S=ALNI_MZgGIXIccSW1wp2KD0n6I0X84K4Og
.cutimes.com/	1970-01-21 02:53:47	Name: __gpi Value: UID=00000d3d6f8e8d7e:T=1704731679:RT=1704731679:S=ALNI_Mb0n_XRXShRWi0F3zI8TQTXxUTEdQ
.cutimes.com/	1970-01-20 19:41:47	Name: _fbp Value: fb.1.1704731679842.1991640856
.linkedin.com/	1970-01-20 18:15:23	Name: UserMatchHistory Value: AQLT8qptmWhT2QAAAYzp7Rxp2_vBIRYhDQeM4XHgzmAx_DGBwoFTTxpeS0BBnN3AJ0RRUTL-gNpNuQ
.linkedin.com/	1970-01-20 18:15:23	Name: AnalyticsSyncHistory Value: AQLvEd1W9Fi0rAAAAYzp7RxpphTD-Mr1i9oBpmaY3N0SDhpoeqLBfYbkIAwKYgZXKP7wkBDlPuJbBnsn6hufLg
.prebid.a-mo.net/	1970-01-21 02:17:47	Name: __amc Value: 6_1704731679_1704731679
.twitter.com/	1970-01-21 03:08:11	Name: personalization_id Value: "v1_5Yij38E+aZHTVqBo7DLMqQ=="
.t.co/	1970-01-21 03:08:11	Name: muc_ads Value: 1e3162c5-0611-47b9-9fb3-30664db271a3
.adnxs.com/	1970-01-20 19:41:47	Name: icu Value: ChgIv494EAoYASABKAEwoMjwrAY4AUABSAEQoMjwrAYYAA..
.pardot.com/	1970-01-21 03:08:11	Name: visitor_id997701 Value: 193618294
.pardot.com/	1970-01-21 03:08:11	Name: visitor_id997701-hash Value: 3f4787d61099a6ebc38fbd892b935334bb027bf3a4feb9ea3c921320bba217a05773dbdcc5accaa250ab847f3f0aaa5e7f66d9ff
pi.pardot.com/	1970-01-20 17:32:13	Name: lpv997701 Value: aHR0cHM6Ly93d3cuY3V0aW1lcy5jb20vP3NscmV0dXJuPTIwMjQwMDA4MTEzNDMy
www.cutimes.com/	1970-01-21 03:08:11	Name: visitor_id997701 Value: 193618294
www.cutimes.com/	1970-01-21 03:08:11	Name: visitor_id997701-hash Value: 3f4787d61099a6ebc38fbd892b935334bb027bf3a4feb9ea3c921320bba217a05773dbdcc5accaa250ab847f3f0aaa5e7f66d9ff
.www.linkedin.com/	1970-01-21 02:17:47	Name: bscookie Value: "v=1&202401081634400b3eb646-bdc4-4d11-81bf-2cc21e957b9aAQFRXqgdLEr34LmHk-jCXJmdTDo8AllK"
.linkedin.com/	1970-01-20 21:51:23	Name: li_gc Value: MTswOzE3MDQ3MzE2ODA7MjswMjHZnCwkB5of2cZHdjXv7moMbeCSHYPux0U6g1VnCdXZng==
.criteo.com/	1970-01-21 02:53:47	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:53:47	Name: uid Value: a08d0e8e-c92a-497f-8e65-8cc06f704098
go.alm.com/	1970-01-21 03:08:11	Name: visitor_id997701 Value: 193618294
go.alm.com/	1970-01-21 03:08:11	Name: visitor_id997701-hash Value: 3f4787d61099a6ebc38fbd892b935334bb027bf3a4feb9ea3c921320bba217a05773dbdcc5accaa250ab847f3f0aaa5e7f66d9ff
.cutimes.com/	1970-01-21 02:53:47	Name: cto_bundle Value: Uu5d3V9WRUl2ZjRSYm1xdHNCczZLV0l1Sjc0alIySkN5MzByVXZrdGlqJTJCcGZ3Sk5sS01pQno5RXZuZzE4bEphU2J4ZHVrR3phJTJGeEFOeGUlMkZXMXNuUWxTVEtTOTRVU0dtNGFHJTJCVkRyQ2pMQSUyQnlGenhlbnZwSlhDTW1XTGRkMkhLek1sUEl1clB6cWlNWWwwJTJCayUyRk9PSHd4Y1JCQSUzRCUzRA
.zeotap.com/	1970-01-21 02:17:47	Name: zc Value: dec5098c-cca1-4483-69b7-dae58bda9e24
.zeotap.com/	1970-01-20 17:33:38	Name: zsc Value: %B5E%1D%AD%A0%E1%B3%3F%FB%D7%E1%FC%FC%9D%D8JSf%08Y%CE%3D%015%C9%D1e%CB%1A%013%0Am%B0X%5DK%DBy%12V%F83t%D1%8A%28%9Eg%E8G%9E%81%91%E6%F4%F5%DA%97g%EA%17d%FB%DF%BA%CEZZ%B7%BD%16%A4%B1%08%ED%E4%09%27%90%1Cb6%5Cg%F6%E0x%F7%0Cs%5B.%8C%C1C%EA%C3%EB%E3%BCZ%9B%068%81%82G%06%A4%F8B%7B%CA%90~A%94%02%23%83%FE%BDs%86X%87%18%16%D6%9B%CB%FB_%B4%83%FC%3C%B2%A0%12%EE%89%97%AA%B5%E9%95%DF%AB%BC%26qv%84%AF%18%D5%B8%80B%0C%D8%08%9D%1E%1B%ED%EF%16%17
.adfarm1.adition.com/	1970-01-20 19:41:47	Name: UserID1 Value: 7321766822678821012
.tapad.com/	1970-01-20 18:58:35	Name: TapAd_TS Value: 1704731682947
.tapad.com/	1970-01-20 18:58:35	Name: TapAd_DID Value: cdc27ede-7a2a-43d2-84e3-6520bc8f9306
.tapad.com/	1970-01-20 18:58:35	Name: TapAd_3WAY_SYNCS Value:
.weborama.fr/	1970-01-21 02:58:06	Name: AFFICHE_W Value: dXBFH3J3XS1158
.yahoo.com/	1970-01-21 02:18:09	Name: A3 Value: d=AQABBCMknGUCELE49AP7T2xIXTQQgH6sOj0FEgEBAQF1nWWmZeAOyiMA_eMAAA&S=AQAAAre_eXiE6eRrT-nm4WXbu1E
.analytics.yahoo.com/	1970-01-21 02:17:47	Name: IDSYNC Value: 19ah~2g2g
.krxd.net/	1970-01-20 21:51:23	Name: _kuid_ Value: QBhQKeli
.agkn.com/	1970-01-21 02:17:47	Name: ab Value: 0001%3A9q6dBeuB7v8eAkgpGkfnTfBx4HbBT5j3
.fwmrm.net/	1970-01-20 21:51:23	Name: _uid Value: ume3124_7322341118935984744
.quantserve.com/	1970-01-20 19:41:47	Name: d Value: EEkBDQHtKuvLswA
.quantserve.com/	1970-01-21 03:02:26	Name: mc Value: 659c2423-5ab14-4c34a-14f0f
.adnxs.com/	1970-01-21 03:08:11	Name: XANDR_PANID Value: _U1Giikuc2ZP7uX92hUjl3GNhubJtHJuiQph5UqSnZbuVoGv4tq4z76b27hA-kxbET9l4WniXz4fuEBXn9Wp7UE9scWsXfwWTV0P56zNAFI.
www.cutimes.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 8.003

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/2429680573784973?v=2.9.139&r=stable&domain=www.cutimes.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=829836357413403589 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F(Line 70) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security	error	URL: https://www.dianomi.com/smartads.epl?id=3420&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F(Line 73) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security	error	URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F(Line 65) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
security	error	URL: https://www.dianomi.com/smartads.epl?id=3421&url=https%3A//www.cutimes.com/%3Fslreturn%3D20240008113432&canServeAds=true&canCookie=false&gdpr_consent=&referrerUrl=https%3A%2F%2Fwww.cutimes.com%2F(Line 68) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.dianomi.com') does not match the recipient window's origin ('https://www.cutimes.com').
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=dec5098c-cca1-4483-69b7-dae58bda9e24&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=dec5098c-cca1-4483-69b7-dae58bda9e24&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dec5098c-cca1-4483-69b7-dae58bda9e24&reqId=ea7e6404-51a9-4f5b-4c7c-ecf68bedcf5b&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ajax.googleapis.com
alm.demdex.net
analytics.twitter.com
ap.lijit.com
b.law.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.yourbow.com
cdnjs.cloudflare.com
cdp.omeda.com
clientcdn.pushengage.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cutimes.com
data.dianomi.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
e0ac3cf2e8b1d8bff449a7b250be2993.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geoip.alm.com
go.alm.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
images.cutimes.com
imageserver.amlaw.com
linkmktg.cutimes.com
loadeu.exelator.com
match.adsrvr.org
mb.moatads.com
ml314.com
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
olytics.omeda.com
onetag-sys.com
oqs.omeda.com
owlcarousel2.github.io
p.typekit.net
pagead2.googlesyndication.com
pbjs.e-planning.net
pi.pardot.com
ping.chartbeat.net
pixel.rubiconproject.com
pixel.tapad.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
px4.ads.linkedin.com
rtb.openx.net
s.dpmsrv.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snap.licdn.com
spl.zeotap.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
store.cutimes.com
store.law.com
sync-tm.everesttech.net
sync.richaudience.com
sync.tidaltv.com
t.co
tags.bluekai.com
tags.crwdcntrl.net
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
use.typekit.net
usermatch.krxd.net
vi.ml314.com
www.cutimes.com
www.dianomi.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
yourbow-d.openx.net
z.moatads.com
bn01.er.bemail.it
sync.tidaltv.com
www.cutimes.com
104.244.42.195
104.244.42.69
107.20.71.201
108.138.36.90
108.138.9.235
13.107.42.14
13.249.8.8
141.147.81.223
142.250.186.162
145.40.97.66
146.75.116.157
151.101.66.49
168.119.72.236
172.64.146.151
18.238.243.122
18.239.18.12
185.15.245.83
185.64.189.112
185.86.138.121
192.226.84.37
193.3.178.4
198.47.127.19
2.23.78.67
204.180.130.159
204.180.130.165
23.32.185.123
23.35.236.188
23.35.236.201
2400:52e0:1e00::1080:1
2600:1f18:6593:f602:8bd3:480b:a39:d536
2600:9000:20c3:5200:1e:5cef:3780:93a1
2600:9000:2646:1600:18:1fcd:353:c61
2600:9000:26db:ac00:7:2bfb:7c00:93a1
2602:803:c004:200::140
2606:4700:10::ac43:28ad
2606:4700::6811:190e
2606:4700::6812:2b7
2606:4700::6812:3b7
2606:4700::6812:c5a
2606:50c0:8003::153
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:480:f::213:7ee1
2a02:26f0:7100::1720:ef1a
2a02:26f0:7100::1720:ef23
2a02:fa8:8806:16::1460
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::300
3.233.0.138
3.71.149.231
34.111.113.62
34.111.131.239
34.117.77.79
34.120.63.153
34.160.236.64
34.230.166.102
34.237.219.119
34.250.5.176
34.255.53.47
35.157.26.8
35.186.253.211
35.201.104.135
35.244.141.151
35.244.159.8
35.244.174.68
35.71.131.137
37.157.5.132
37.252.173.215
51.89.9.252
52.17.110.172
52.213.250.206
52.44.115.142
52.50.241.158
52.54.96.194
52.58.206.230
52.95.126.160
54.246.208.24
54.246.43.192
54.78.254.47
63.140.62.164
69.173.144.138
69.173.144.139
69.192.160.219
85.114.159.93
88.221.124.22
88.221.125.233
0148a69b678568e8f7a40af61066dc0f970f6da6e58024a4e599d9e25d7ec432
026ab806d2c45a791ebeef1f27fde0f9cd190da121f930d4a5a29c869817a184
03d9b5b76e67f731f38a28f50ab51262d00b0a8660486df26fb8d4571d1cbd6e
041022670c958de62f58f35921410dad9c9d766ec5b5329db106ac1095157850
04a185d67f6ead753be77d3ed23364e4bd28e21168628df5a8ea26f0a1f54de8
04dc72ecdd80023570b3e8f96f8ce1a40c3ad2725e4307d70fd1a39993aa896c
0504eb70d9568e33fdfa548b40d7e87b55f6478c6b8fb299d50bc1d363404476
056b02a16bad80d9499ea097b5dd865bb3eb8e1a0475ac6d7c106dd1ebd05204
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075e1a285de33ad2c3cc75f3ebe775feb23d27f52aa8213be408e4cbc3623a10
07da39edbe1f34550cc00d116e356078efcfdee3dbe6d73148f83f8d69b75aca
083018544ecfdbe6462c83d2595a7253796352ca3df1d37bbe9cf674bee82fab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96e2d8daef004fa73380c29b23a4c7f9c790c75a1c9f538859de1fcfbae895
0cd4c40fc01d51572602f422faeaf4301c5b0d28c55d0fafdf82063d8c235de1
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d91c3104f02675a1a7fd3eb9e4fb0b5f7da67f199e90c6f0318ea47f8c121e5
0e7db155e4c34d8ad22382d0d23c4f30e3919b243c8ad4f852bce7bbe11777d9
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f95ab2dc37abf3779294a406533fcb6989b491c339e468c5e05a266b4fbd3e7
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
1145d0e2509ca7e780f5643d8b0039a1134bf2b69a06b0b14df2b8cdb6229dcd
11f5b95b14ae02098484c3fb428a99aca283db551516999cc9603f4d3712198e
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1464e33b6ab1590344b0611e1cceb0b144a2f53333b81b3000dc019c69f0c8c8
148bbfcde30b31ca1b10db5991c22fcbc396c86d5102f425e0314d651f0375e6
1545a4c726f0caeae31f3d93335ae2be80c9415679ac640c77b666918c5dc6be
1731a67991a84fb387adaf4dfc6176dea8f2594bafaff47c9f0fdead2026c75c
1be06778698a2eb16ae1c7152d7256350580f4a21fc43c5ef4218407135b0896
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cee866706a66953962aa8c82e1b6cb73b3830ab3cb4ece273000798f521e425
1e3249064a4012534a6a83094f9346df5796096a6590bbbcc1c1055aab9ecf3e
1eb815248d6e9fedef4b63a7caec0cecaa6a543af0a9321547f2b3c85822b2fa
20e5275f6ca7c4a4f1d537188a0b31c722d7e4c59500fdf888f85791d39ccf66
22976efc2bda885cbee56a2c1c1f90a6d8a44fe00bedd1ff30b4ae61ebf5852d
242f7a4cf3f1ca8be2a2fc2f5c2bdc24c51ac07076718f07763b20a1f7d0931c
256e70dabf1be873771c11175891903a1431b2f03e2862b833806be3272edd05
26826aeb967b9e8670b198b37c1a738ea7eb4e4b879b50ca415a17565bba90e8
26ff1312191a61f1b6fe177f99358e2c9825e848c06d7054de5b18ecdba9a48b
273525960d71d102a7c4af50c513ecce296ea3f52777f4e355257490b11a4514
27ac1b195c3b575502ad75853795ac19b35b3d1bc954ce671a487522bd1e69a9
294fddfdcdcd9d7558d4b0867a254c9888d85d7dcd7a8ed4074fa8c23c8b25df
29b6d597b6dd9ec8dd3ef761e0da63c9d0459c446301d9b1d3b4f35bc43c1385
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
2af1c34887f3f2535904a83d4c37ad072209913fbc6a908375ad516a4251df48
2cc1ae951839c9630aad94142f6632c437aff325b6581fb0da2e32a1abd1db1e
2e14fd972db512adf70225340ba5ed2d6864edc21a0633ee78d1bc6cd12c0acd
2e3d95a11e0bd0b827cfc070a248331c238cc16ddac3c0472242380d04b65fba
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
30b311e412a9c417d2f590bb6df0767d4027bb82246ab38be83639e1cde87ac0
30de911f70fbfdee70d5159b61cab8149251740e97dcbded177b534ceec6284a
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
342ec68ee8ddd49d88f0d876c922c32af48c8cbf38bfc91ca43a008dbacd07d1
3699a843f8ef955b6fbcbf2da258ad810143e5e90c1dc01c086bde121caa17ac
36ae6a15125a8ff43b1f6770419611a808d83b88188a034342c7accb97ca0468
370bd7d3f88ec9fc036525c0c536fdfbb1c7d6abb0c225a372554b82fb1bf18e
376d0d3b704052af5fea24f143107179b06688524c68d5731c93c5c3b3ebc393
395c5a2d7edfc2c9dfa29ca47edf85126a8474fabae277ffa67f51c2674962b2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d21bcee8e4e8f2c909c58ca56aaef23cec66be18425e0aec59ca80dceed4055
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4b10bddcd2040b7e0c34a9f5680a64e0ee44c8e00259dfaa60ba1739effb88
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
413d8800aa1cb604287d7191ac1a3d39b1724b93b17aaea34dd9a70c6b499e3a
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
41c3ac78162c93e041c43dcebf3ab8b002eb1a13731d409d8e3976bbdcf89ce9
433bb3ccae87b9a50860ccdb54e46873d5787492e714ff502b815262576fc076
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4408cc56f4b6c43a6854f2f316b19131efd83eec33de59129659a5e7765ec221
450b1a3596e6251ffcaad5a830fa369181338aff49f037a835deab2e72dc4a0e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4760c756542255eb117abbe7d21da254745d112cfd5b486396fea7ed980d3084
47f5833d3047d4d02398943ee979e02dbaac3746362d82d45d145c73b3054a38
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a82bee07313431bd21f21b7335057d06023d6562435ec23d35496349a833fd9
4b2c4cddc369e8c521eabe08f086ec6a2b8a7ad0360036348ff01c9b16775b8b
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4ec9adb7c80453db81348cb3bb7bff2f2f18217e136f313debbe1f75a2fc4002
50a3d617c800f4ea10c12683b104546b34d3013627d547d327d1c01a2d838ca2
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
529dbf3c924f433945bb884031d036df0e0b9c20d7f1f9c735e891fb041cdf18
530f27d54810f580c13cff61057e563efc43a8d4001b1eb746e99c5992bf51cc
53816d4dc06adf9fe893bf0ad7858cdd7e39bd38920d8772e5bce8a760a67ad1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577dbde57ff48de62dbb95c35f1e289fc59ed3ae2218e7f083c9071d1c65f9c6
582f1b5d33e54e95557255c97d79a90d3fda73d7b2b105695446fe643eb737cc
58b98d31c5a3eb6974120711466f20510d1a748a27ed47fcd06455de0adafb9a
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a1f9d4a70121359493d87cfb029bf3202ba37f0dfdf85bf98a4dc3a64c7335
6300593201861e0074ba84bdd2020b81fd995c806899aecd681137eea265b04b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66a7dbc9a0ba12522d0ad41b15543262e5710e3a6c20d7a4ebe468550ca8963a
68e0d78fab6d730ebc837900912f3df5db528829b3c082eddc18cf94e6feb154
6bd36ce04facff41ab5b774dfea1f83253f21d8dbff16037c6f310f07607a787
6c61fbd68922a5b30e74e32eeb224b6e13686411a2901c25690f6832a33000ef
6ce14d2512ca31ed3d90519287548f6861854746ca56ceffcc378982d6d86644
6ff567a4561010cb11f15d24a238869e1a55a405c703c2441331220afd4dc39c
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
7085f3200afb1b9fd3d9057c9f133ae005a8f0aba778ec9104451784eb7bed11
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
73ff78acac1d7fe4ba3d62e850b971db40500a6aff982ae35ff66367cb68e547
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75eb7f1fc9528aecd566f5317871cbc67105e80bd95aa0ffa693f8f7edc5ed24
7625b0eda49a7554cccfe266fbf8476055ac4bcfd1dcadfaeab461b0249e4238
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77d7fbabd50ebc363306dd1c68bf685b831ac5cd7c189ed2a0b29f3d0b5a5c36
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
78e8277f7da94affabdb145949caee50c5224f052d8a4f3dceec04857293daf0
79b6112fb9d042f582bd7d1d50b3d7ed64659443d4401400e76173d1e2d8cd4e
7a7712a00f39f633083fd3e0b103b69a5ad3048f7de94884dfce57dec76750e7
7af574c88fca5bc6f3a13236dbd90386f1da38f52355f02ba22093f43e85c209
7baa0f26bce11fe296b34f43c99817e63db5edadd9db99bad9d01c51133ef24c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d1d47e9784901423276fee7060fa65db32157267a5553dbb0898a2bfcab1c9c
7dc2ca21be3d09e121d4a58cac22dab1cbce44f49bb038fa689fc8724ca9636b
7e2d5f107501e2c8704a37f1720bf2f80cc285f65afb91721a1386eba3a940d6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
815767dfc57a4a2e55b41de05e8da9d8cd3cc80fc39ecf244ce99ef392c3165a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84d61a3b975aa256adb1cd5040f99c6d4aee90292fdff0fa1ce5f16b7a5b4475
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8603c52d16fbf21c3e3b9466552912acd0b96ab59e291ff83e6685939239e797
8669ed05a1a3cc143027392c230c291578b31d80e3596f90d5fee008d9ad8f2e
866e71a2b55fed66fc8ef10d5bab0716a5e31ea4d129f233321503dd04c31bdb
86cfa492f6a3046e0686e3eb2c3e6b05af3b4a4eadf8ba8cea677bc328ad34be
88270e4eb75a854c6d013630f78952e5662a30fdf804fe44241ecd9dcdb243a1
8852ee9b44863433a8b64a10a643b00c3afa79e23b0310e6590abfaf5a1a3140
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89bf8cdea73ce776d6b81d03837bc7f04af5e3946b839a3c0bfbf3094ad3f7be
8cf016dc693febdcdaac28d5a3da4d140d363da3ec03ba2f738888c23a9d8850
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e369df73c75ba151a635e449e2678ecd85af59ef27f213faeebf348c9248d47
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f3830f4596869a0e97bcd35acf79ff9e2e0200c52af178af27138d0c2bd21e7
8fd0c532809d8aeb3757907010e3863269341e0bbfd3bc79c3c07e0f3a5d2a80
8ff14e7090beb60dd4d22391b76fc95426ee3a6946e5197b2a9131310315f833
92328f99c7b0e8408bae1caabf1db6258afb28ddee4847581a07bf36fd74cd58
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9398dd93c612d77b9e0bcfe449becc1a5269af74409cbab1ae485c49d5bf3b9b
941cf0b91596c6a3cad514836e2447cb0c5399ca8881d671fb8193b2aaf8e7cf
9476829b95e258d910312ec7f2f30b425355061a2110d1e8f094b1c3a0587705
9797e504cf739152795de720ebd8a59627e5e34d2d9fbe5e1417e9a6104d6e96
98b77b6ec808d5031798aa26307cf2a499dc9cbb8502dc9e2994e58aeb9e4e1a
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9b77f08b1a04c909c48a7f0f3b3e300f0e6f6abe667a19c513fedf67c19fa2a1
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9bf3f970faf00a914f8631a2ec9e80a483c939e2a773827f15aea63606704541
9bf8b6fe6777878f07a89d10cba93316422df31a35b0dfbb477d7944d5edb6f7
9c78facc7b812a913538709a7679631774473e4b6ea283e6ed7897c937f51fbe
9d03fecbc0031b34e69716bd653c683881d140911ba1299f7b38205e51cd1771
9d04336e793ddeedfaad8312aca744e6ee10f4e3c9070461f6ff6cca636baa95
9dde752a0a83f77379ff94d7560a636796ff3bd448d4d0c54965795f356858d8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256f15a7dea4d79fedd7aaf3b20b45ee12fae7d2ea938f602e514d9ad010a59
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a32fdfe9251881d21b7013672cfa9bb9d18ec3ab59ec390817a5ee6032a44669
a34dbb29906ad91e13a53e8d79260d6793cc29bcbf6056c325a55e2284a30170
a555b228435a6d2443138ba58bc5cfc3545dd7ad14080ebb306cd03b7cdf4cfe
a84d20e54c2116962b5423e7e2c4b8eed26fe56cdbeb1c104a97683da1e17d7f
a946364fd8ae9060d0a8f5526726b265c43039bfaccebc65b9e9e106e52cab63
a9ff2d68ce2d644201644869d71b53fece002f8e4e8b0c85a18a177ec53d1498
aa5158e02767782683bcc0f350c745e7ed420dc6dae59110dfcbdf371729a743
ab8e4ac812d7261fdedd2f4085344b688b755b3ec8dfea8c87a603d1d276016a
ac7a01c8b391746a007cde8f14471f7ddfab811d92de9310b9fbd0de681b2b93
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adc6b7af6492922cc7308bc2a08629cd5e291cb90c7876e1a7f3060d2c995daf
aea6d2abb5e56a748a217c3a13dc91ebb9d4cb989739feb1d13eeeb11dc21cdf
afd4be5a76e3b5d263c387030e42bf12e1fff408298be4d2443b5549b553a7d8
afe7d2a0362b4c7e3a70e761e7dca5a9b16691304f69338262022506765515c6
b022dd105c721adaa562f2d8dfdf0b8b7a4ef421d0612b9171386f26942d19ff
b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051
b3799c9e898b6106437b433ed07a0109b9f479914877b8e42f14563e4a72ace6
b72ea1062b7bb84439787a3341bbd692b4074493f1e618d3780cad3271c22494
b77f85037fd2bb095126796938e35096f20bf2d6a58de29b395b1897b4e17945
b796713fd51c9ee401b57ec4b3298bbf467e84477f1835062babb6d98f84c7c6
b81b83026ec3168e76506924d817676ead421b22da3f29085eb85fc71bce31ab
ba62dae25e95ca159c6c65fdd2538a85c1b836db40375b1576d916672c0ec928
bd05d9d820c56ab5c2e2da93da473cd02013b8fff06c92aec1ca00f35808b572
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3765c800e5f93a24b4ebf90945b65abc6103e53cda80ed41a34aff57c8dd9f1
c46a67386e530cdaf2a43c268a7007bf255b451936e0c56717f9592bd9efa0a6
c527b47539761841571efc2b5d04fb578c0d59353812b420fe5d0c9f1a786251
c617affb7d70ef25f7551268ba92294a4ed5ed55e46d7716996d3cc431497e9a
c67d3c71fb83e6e0d407fc0d76cf77203dac743381262cfd271f59b04c90bce8
c71b79ace2c71922221de3f0ef463eee85b848da0220a7d5afb57c06ba3388f2
c86a010e1e191393c0badd56c6be1327bcb8bc6e672c7cf711dd70b884207cd1
c874c9a3e2757790076e34bd49db931eb7484e6347877192f649429cf3f6e3e6
c9c880dda18671605427b3feda9d6aab2821d4a9be9cc2d0dcfb0691588083bc
c9d2b78bc1d108974dd23c4890adb381c9704e2426771287daeb0e623e77d351
ca24e241e6b5919583a0aeca5d25f0618a016816aad5520f05cfca4995a88d31
cb73804608c24294f5637165ca8bd1e02ffd861ca044d14f63f53da2279f1690
cbfdf0c16e6ec546e3635ca01c34ad1eefae83eb24a8533a83f16e849cfefb7c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd3a2f04ef5e7c87f9ca29f5d18064c6d906dd185baa6e0cd0f354f836fdf5d6
cd983ac133b21cb30a726eb5b49fff32eaadd7f79165c677fc52e2efcac5ff41
ce16cfcbaea661727dca218bd149e5b1d08fceb417f43c53b37676657ca25cdf
ce33283fc82034e91afe55a3b5c0d3b805c954ef5698cb941004b265e6a9bd8c
ced7967f6179918fa4b623b6bab81c485f23493a57a0ee3436da4b21aaf7e9c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d04a74be7fd6cedd16505b6ec47ed8850474e89113c0c1b4d6fb6d89b4e2bd1b
d0a76ec36613caaf91abaf681db7c469c02d7941647eb683409cdd21b7b1169e
d17f51aae2a75f2a2c89b66a3cbeaf643ae87885acbf40776305d5b62c6197eb
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d62f9c89984ad059d574ae6b64c9134628041695c09290643e2d53238638bdda
d6b6d81cfbd49fe1bd0236efeaa240acafdc559910819197df94983926f84d22
d848076aad575c2b1b4840797552f3fe1535c58154453c09d3f7b742b522c14f
d95fb6e728c0b89d6baf2e86fa2cb7b92aec01ace9bed8d12cb9697c6a3300a2
dbcb941637b7eb24fd2d4f621b95154238879012cd231069feff3030d95dcf6d
dbff16c4460e1ff33e8dc9dd67e89475ed5dd58e3ec5cab0b42773359b43654d
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
dd6e44de106272c5bee56ffd6d663e6203123927dbe94fd1fda54434fd60971d
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
deb31207b2a29c4ae2bd8552b158a6cc268bb3d107ae3b3aebe62a6c67a7ff9b
df690f011f9fd617ca22376522eef3c1a90c33cf3f8f10f5dfb4751ac26a202b
e1298eeb75edb1d13521b8d53110ec91a15be2ab59ae348be7dafff0493bff7f
e130f984c95a569ca4090c47703fa69d9bf937b6f6b8d76385f3a9d69e5145ab
e1c1dec900bf44a7268da45c5568be61839585224a45fe46d8178eb77d03ae2a
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e27caf5ef7575e44624276c4533ec16f31258d6baf6b33cc8a16fcc2fda5b4f4
e27f9a7020696fd051c2d220e3c6c95021b4d3c484d7fe11395a300a2299f05a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e611b0be4e5c95931429efd863ff94fcb9931c737bae43e56cdb0a6b705a2a85
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e84c39cbe1042f3492cf863fdd51802fd6a90d0c3755055f8fb2d35ba89d8403
eaf79f6862bda2b84de6ed8c6ce36800e049b949b0f446a6ed18b0d70f2ed726
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed57dc5a5d963ca7a00a6d51fd9c9d2997f2288c451d31586040581c61b90853
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
eee956e4839cd30b305799f1ef77d3f52c0e9a7c614e05bc6a1b1c081419fe57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0822081c33dc4a9cabd9255d574f89280925c4e1f833eefb49a966243014572
f43c52877d10206ab079f2a2a10cdd8437460773c5cb185cdc75b6f44c907459
f489f7a07fbad0b9cd48bbda22f0b291804aed380bd1d158c51985072cb5d1eb
f4b29ab5dd8cc1e0975579022f593789856d9d9a62853b843c082c69f4bb8e78
f69d645eff4e59a43a4c82f98cbdbbff97380c3fd99fb7a32279bebea6f3bbfe
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8584f0da354b5ad22cb4f2b742f6d1df32f3f911792a6bb1baaf4be7498a965
f8ed6953ec9c551204649f088c2f5507722985431c7ea2085459889b44caf000
f9bf9fa651c8ae8e59e40dab22f71585e5a9f91eb209ddb5869f9d857f6321a1
fb08e7a55700b7987f5903f347fcc8854f5e2c37f41770203ef51f456b2c601e
fd34aa73df6051b867a4483074ba90481a74d7692fa4f147bf106341f16f7a12
fda987a7db536b15976cb373bfcf7fb437f76ce9fd6cab676d58ede1e8c046cf
fdb432e7005054d461105ca1f1fd8774f78fda17760cf599d7c2a1ddb71abc43
feae17006d741f4e11c0d2d0be1640c07f5a42223b0a9b45d7ce848bc91c54a9
ffb50d904db44b3985dc1b402000ee05d09a5df0b83e3cf9296ca30286807714
ffd206df712f0040df33bbe4b7370847881beaaf156dbf7a67a422152c9224ba

www.cutimes.com Open in urlscan Pro 2606:4700::6812:3b7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

384 Requests

93 %HTTPS

35 %IPv6

73 Domains

112 Subdomains

90 IPs

8 Countries

3072 kBTransfer

6382 kBSize

80 Cookies

34 Outgoing links

Page URL History

Redirected requests

384 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cutimes.com Open in urlscan Pro
2606:4700::6812:3b7 Public Scan

Screenshot
Live screenshot

Full Image

384
Requests

93 %
HTTPS

35 %
IPv6

73
Domains

112
Subdomains

90
IPs

8
Countries

3072 kB
Transfer

6382 kB
Size

80
Cookies

384 HTTP transactions
1 data transactions